You are here

U-175: Linux Kernel KVM Memory Slot Management Flaw

May 23, 2012 - 7:00am

Addthis

PROBLEM:

Linux Kernel KVM Memory Slot Management Flaw

PLATFORM:

prior to 3.3.4

ABSTRACT:

A vulnerability was reported in the Linux Kernel. A local user on the guest operating system can cause denial of service conditions on the host operating system.

Reference Links:

SecurityTracker Alert ID: 1027083
Vendor Advisory
CVE-2012-2121

IMPACT ASSESSMENT:

Medium

Discussion:

A local user on the guest operating system with privileges to hotunplug and hotplug certain devices can trigger a KVM memory slot and iommu management error to cause the host system to crash.

Impact:

A local privileged user on the guest operating system can cause the target host system to crash.

Solution:

The vendor has issued a fix (3.3.4).

Addthis