Linux kernel 2.6.x KVM create_pit_timer()函数本地拒绝服务漏洞

BUGTRAQ ID: 51172 CVE ID: CVE-2011-4622 Linux是自由电脑操作系统内核。 Linux Kernel在createpittimer的实现上存在本地拒绝服务漏洞，KVM 83的arch/x86/kvm/i8254.c中的createpittimer函数在irqchip不可用时没有正确处理PIT IRQ，本地攻击者可利用定时器通过此漏洞造成内核崩溃，拒绝服务合法用户。 0 Linux kernel 2.6.x 厂商补丁： Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.kernel.or...

CVE-2011-4622

CVE-2011-4622 affects KVM (arch/x86/kvm/i8254.c) where create_pit_timer mishandles PIT IRQs if an irqchip is not available, allowing a local user to trigger a denial-of-service via NULL pointer dereference by starting a PIT timer. The vulnerability is referenced in MiracleLinux AXSA advisories as...

CVE-2011-4622

The createpittimer function in arch/x86/kvm/i8254.c in KVM 83, and possibly other versions, does not properly handle when Programmable Interval Timer PIT interrupt requests IRQs when a virtual interrupt controller irqchip is not available, which allows local users to cause a denial of service NUL...

Linux kernel 2.6.x KVM 'create_pit_timer()'函数本地拒绝服务漏洞

Bugtraq ID: 51172 CVE ID：CVE-2011-4622 Linux是一款开放源代码的操作系统。 用户空间可创建PIT但忘记了设置irqchips，在这种情况下本地攻击者可以通过PIT IRQs使主机崩溃： codeBUG: unable to handle kernel NULL pointer dereference at 0000000000000128 IP: ffffffffa10f6280 kvmsetirq+0x30/0x170 kvm ... Call Trace: ffffffffa11228c1 pitdowork+0x51/0xd0 kvm...