PROBLEM:
Linux Kernel KVM Memory Slot Management Flaw
PLATFORM:
prior to 3.3.4
ABSTRACT:
A vulnerability was reported in the Linux Kernel. A local user on the guest operating system can cause denial of service conditions on the host operating system.
Reference Links:
SecurityTracker Alert ID: 1027083
Vendor Advisory
CVE-2012-2121
IMPACT ASSESSMENT:
Medium
Discussion:
A local user on the guest operating system with privileges to hotunplug and hotplug certain devices can trigger a KVM memory slot and iommu management error to cause the host system to crash.
Impact:
A local privileged user on the guest operating system can cause the target host system to crash.
Solution:
The vendor has issued a fix (3.3.4).