CVE-2013-4592

2013-11-2013:19:00

CWE-399

[email protected]

web.nvd.nist.gov

cve-2013-4592

memory leak

__kvm_set_memory_region

linux kernel

denial of service

nvd

5.7 Medium

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

9.3%

JSON

Memory leak in the __kvm_set_memory_region function in virt/kvm/kvm_main.c in the Linux kernel before 3.9 allows local users to cause a denial of service (memory consumption) by leveraging certain device access to trigger movement of memory slots.

CPENameOperatorVersion
linux:linux_kernellinux linux kerneleq3.2.21
linux:linux_kernellinux linux kerneleq3.4.30
linux:linux_kernellinux linux kerneleq3.4.4
linux:linux_kernellinux linux kerneleq3.0.25
linux:linux_kernellinux linux kerneleq3.1.2
linux:linux_kernellinux linux kerneleq3.4.11
linux:linux_kernellinux linux kerneleq3.0
linux:linux_kernellinux linux kerneleq3.2.19
linux:linux_kernellinux linux kerneleq3.0.22
linux:linux_kernellinux linux kerneleq3.2.23

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	eq	3.2.21
linux:linux_kernel	linux linux kernel	eq	3.4.30
linux:linux_kernel	linux linux kernel	eq	3.4.4
linux:linux_kernel	linux linux kernel	eq	3.0.25
linux:linux_kernel	linux linux kernel	eq	3.1.2
linux:linux_kernel	linux linux kernel	eq	3.4.11
linux:linux_kernel	linux linux kernel	eq	3.0
linux:linux_kernel	linux linux kernel	eq	3.2.19
linux:linux_kernel	linux linux kernel	eq	3.0.22
linux:linux_kernel	linux linux kernel	eq	3.2.23