Linux Kernel KVM Memory Slot Management Flaw Lets Local Guest Users Deny Service on the Guest Operating System
|
|
SecurityTracker Alert ID: 1027083 |
|
SecurityTracker URL: http://securitytracker.com/id/1027083
|
|
CVE Reference:
CVE-2012-2121
(Links to External Site)
|
Date: May 22 2012
|
Impact:
Denial of service via local system
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): prior to 3.3.4
|
Description:
A vulnerability was reported in the Linux Kernel. A local user on the guest operating system can cause denial of service conditions on the host operating system.
A local user on the guest operating system with privileges to hotunplug and hotplug certain devices can trigger a KVM memory slot and iommu management error to cause the host system to crash.
|
Impact:
A local privileged user on the guest operating system can cause the target host system to crash.
|
Solution:
The vendor has issued a fix (3.3.4).
The vendor's advisory is available at:
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.4
|
Vendor URL: www.kernel.org/ (Links to External Site)
|
Cause:
Access control error, State error
|
Underlying OS:
|
|
Message History:
This archive entry has one or more follow-up message(s) listed below.
|
Source Message Contents
|
Date: Tue, 22 May 2012 02:46:59 +0000
Subject: Linux Kernel
|
The KVM implementation in the Linux kernel before 3.3.4 does not properly manage the
relationships between memory slots and the iommu, which allows guest OS users to cause
a denial of service (host OS crash) by leveraging administrative access to the guest
OS to conduct hotunplug and hotplug operations on devices.
CVE-2012-2121
|
|
