Lucene search

K
ubuntucveUbuntu.comUB:CVE-2012-1601
HistoryMar 29, 2012 - 12:00 a.m.

CVE-2012-1601

2012-03-2900:00:00
ubuntu.com
ubuntu.com
24

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

EPSS

0.001

Percentile

26.7%

The KVM implementation in the Linux kernel before 3.3.6 allows host OS
users to cause a denial of service (NULL pointer dereference and host OS
crash) by making a KVM_CREATE_IRQCHIP ioctl call after a virtual CPU
already exists.

Bugs

Notes

Author Note
apw sha1 below is from the KVM tree, though it is likely to be the right one when it hits upstream. Patch title is: KVM: Ensure all vcpus are consistent with in-kernel irqchip settings now arrived in linus’ tree as the sha1 below
Rows per page:
1-10 of 111

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

EPSS

0.001

Percentile

26.7%