Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2013-6368
HistoryDec 14, 2013 - 12:00 a.m.

CVE-2013-6368

2013-12-1400:00:00
ubuntu.com
ubuntu.com
16

6.2 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

9.3%

JSON

The KVM subsystem in the Linux kernel through 3.12.5 allows local users to
gain privileges or cause a denial of service (system crash) via a VAPIC
synchronization operation involving a page-end address.

Bugs

Notes

Author Note
jdstrand per upstream, not guest triggerable because write must be done in firmware which is before the guest starts. Also only affects certain processors per kernel team, too intrusive to backport
OSVersionArchitecturePackageVersionFilename
ubuntu12.04noarchlinux<Β 3.2.0-60.91UNKNOWN
ubuntu12.10noarchlinux<Β 3.5.0-47.71UNKNOWN
ubuntu13.10noarchlinux<Β 3.11.0-17.31UNKNOWN
ubuntu12.04noarchlinux-armadaxp<Β 3.2.0-1631.43UNKNOWN
ubuntu12.10noarchlinux-armadaxp<Β 3.5.0-1628.37UNKNOWN
ubuntu12.04noarchlinux-lts-quantal<Β 3.5.0-47.71~precise1UNKNOWN
ubuntu12.04noarchlinux-lts-raring<Β 3.8.0-37.53~precise1UNKNOWN
ubuntu12.04noarchlinux-lts-saucy<Β 3.11.0-17.31~precise1UNKNOWN
ubuntu12.04noarchlinux-ti-omap4<Β 3.2.0-1444.63UNKNOWN
ubuntu12.10noarchlinux-ti-omap4<Β 3.5.0-239.55UNKNOWN
Rows per page:
1-10 of 111

Related

seebug 1
cve 1
prion 1
debiancve 1
centos 2
altlinux 3
redhat 4
nessus 31
openvas 95
oraclelinux 4
fedora 35
ubuntu 9
suse 5
mageia 5
securityvulns 2
seebug
seebug
Linux Kernelζœ¬εœ°ζƒι™ζε‡ζΌζ΄ž
2013-12-17 00:00:00
cve
cve
CVE-2013-6368
2013-12-14 18:08:00
prion
prion
Design/Logic Flaw
2013-12-14 18:08:00
debiancve
debiancve
CVE-2013-6368
2013-12-14 18:08:00
centos
centos
kmod, kvm security update
2014-02-12 19:33:17
kernel, perf, python security update
2013-12-13 00:18:44
altlinux
altlinux
Security fix for the ALT Linux 7 package kernel-image-el-def version 2.6.32-alt17
2014-01-09 00:00:00
Security fix for the ALT Linux 7 package kernel-src-kvm version 3.10.21-alt1
2013-12-20 00:00:00
Security fix for the ALT Linux 7 package kernel-image-el-def version 2.6.32-alt16
2013-12-20 00:00:00
redhat
redhat
(RHSA-2014:0163) Important: kvm security update
2014-02-12 00:00:00
(RHSA-2013:1801) Important: kernel security, bug fix, and enhancement update
2013-12-12 00:00:00
(RHSA-2013:1802) Important: rhev-hypervisor6 security and bug fix update
2013-12-12 00:00:00
nessus
nessus
RHEL 5 : kvm (RHSA-2014:0163)
2014-02-13 00:00:00
Scientific Linux Security Update : kvm on SL5.x x86_64 (20140212)
2014-02-13 00:00:00
CentOS 5 : kvm (CESA-2014:0163)
2014-02-14 00:00:00
openvas
openvas
CentOS Update for kmod-kvm CESA-2014:0163 centos5
2014-02-17 00:00:00
CentOS Update for kmod-kvm CESA-2014:0163 centos5
2014-02-17 00:00:00
RedHat Update for kernel RHSA-2013:1801-01
2013-12-17 00:00:00
oraclelinux
oraclelinux
unbreakable enterprise kernel security update
2013-12-17 00:00:00
kernel security, bug fix, and enhancement update
2013-12-12 00:00:00
kvm security update
2014-02-12 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: kernel-3.12.5-302.fc20
2013-12-21 02:24:51
[SECURITY] Fedora 20 Update: kernel-3.12.7-300.fc20
2014-01-14 08:38:18
[SECURITY] Fedora 20 Update: kernel-3.12.8-300.fc20
2014-01-20 03:07:48
ubuntu
ubuntu
Linux kernel vulnerabilities
2014-03-07 00:00:00
Linux kernel (OMAP4) vulnerabilities
2014-03-07 00:00:00
Linux kernel vulnerabilities
2014-03-07 00:00:00
suse
suse
Security update for Linux kernel (important)
2014-04-17 02:05:07
kernel to 3.11.10 (important)
2014-02-06 19:21:55
kernel: security and bugfix update (important)
2014-02-06 19:04:40
mageia
mageia
Updated kernel-linus package fixes multiple vulnerabilities
2014-02-11 00:03:47
Updated kernel-rt packages fix security vulnerabilities
2013-12-18 03:27:56
Updated kernel-tmb packages fix security vulnerabilities
2013-12-18 03:24:11
securityvulns
securityvulns
[ MDVSA-2014:001 ] kernel
2014-01-14 00:00:00
Linux kernel security vulnerabilities
2014-03-31 00:00:00

6.2 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

9.3%

JSON
Related for UB:CVE-2013-6368
seebug1cve1prion1debiancve1centos2altlinux3redhat4nessus31openvas95oraclelinux4fedora35ubuntu9suse5mageia5securityvulns2