5.6 Medium
AI Score
Confidence
High
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0005 Low
EPSS
Percentile
17.0%
Jon Howell reported a flaw in the Linux kernel’s KVM (Kernel-based virtual
machine) subsystem’s handling of the XSAVE feature. On hosts, using qemu
userspace, without the XSAVE feature an unprivileged local attacker could
exploit this flaw to crash the system. (CVE-2012-4461)
A flaw was discovered in the Linux kernel’s handling of script execution
when module loading is enabled. A local attacker could exploit this flaw to
cause a leak of kernel stack contents. (CVE-2012-4530)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 11.10 | noarch | linux-image-3.0.0-30-server | < 3.0.0-30.47 | UNKNOWN |
Ubuntu | 11.10 | noarch | block-modules-3.0.0-30-generic-di | < 3.0.0-30.47 | UNKNOWN |
Ubuntu | 11.10 | noarch | block-modules-3.0.0-30-virtual-di | < 3.0.0-30.47 | UNKNOWN |
Ubuntu | 11.10 | noarch | crypto-modules-3.0.0-30-generic-di | < 3.0.0-30.47 | UNKNOWN |
Ubuntu | 11.10 | noarch | crypto-modules-3.0.0-30-virtual-di | < 3.0.0-30.47 | UNKNOWN |
Ubuntu | 11.10 | noarch | fat-modules-3.0.0-30-generic-di | < 3.0.0-30.47 | UNKNOWN |
Ubuntu | 11.10 | noarch | fat-modules-3.0.0-30-virtual-di | < 3.0.0-30.47 | UNKNOWN |
Ubuntu | 11.10 | noarch | fb-modules-3.0.0-30-generic-di | < 3.0.0-30.47 | UNKNOWN |
Ubuntu | 11.10 | noarch | fb-modules-3.0.0-30-virtual-di | < 3.0.0-30.47 | UNKNOWN |
Ubuntu | 11.10 | noarch | firewire-core-modules-3.0.0-30-generic-di | < 3.0.0-30.47 | UNKNOWN |