exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

CVE-2012-2121

Status Candidate

Overview

The KVM implementation in the Linux kernel before 3.3.4 does not properly manage the relationships between memory slots and the iommu, which allows guest OS users to cause a denial of service (memory leak and host OS crash) by leveraging administrative access to the guest OS to conduct hotunplug and hotplug operations on devices.

Related Files

Ubuntu Security Notice USN-2037-1
Posted Dec 4, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2037-1 - A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. Multiple integer overflow flaws where discovered in the Alchemy LCD frame- buffer drivers in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-2121, CVE-2013-4511, CVE-2012-2121, CVE-2013-4511
SHA-256 | 8f0e253f175cc8ea608aeb2f1c7e4144bf9ae632874c71cf9969b00ded4b0eab
Ubuntu Security Notice USN-2036-1
Posted Dec 4, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2036-1 - A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. Multiple integer overflow flaws where discovered in the Alchemy LCD frame- buffer drivers in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-2121, CVE-2013-4511, CVE-2012-2121, CVE-2013-4511
SHA-256 | 21c2eb479517824bd539f67da0251316aa450a659091cc97743edac408323fed
Debian Security Advisory 2668-1
Posted May 15, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2668-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2012-2121, CVE-2012-3552, CVE-2012-4461, CVE-2012-4508, CVE-2012-6537, CVE-2012-6539, CVE-2012-6540, CVE-2012-6542, CVE-2012-6544, CVE-2012-6545, CVE-2012-6546, CVE-2012-6548, CVE-2012-6549, CVE-2013-0349, CVE-2013-0914, CVE-2013-1767, CVE-2013-1773, CVE-2013-1774, CVE-2013-1792, CVE-2013-1796, CVE-2013-1798, CVE-2013-1826, CVE-2013-1860, CVE-2013-1928, CVE-2013-1929, CVE-2013-2015, CVE-2013-2634, CVE-2013-3222
SHA-256 | f66b5875b109e5f665558463b3f9c59ae0cb8985c108bda014534f43c51d2b5f
Ubuntu Security Notice USN-1577-1
Posted Sep 22, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1577-1 - A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. Ben Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO (TCP segment offload). A local or peer user could exploit this flaw to to cause a denial of service. Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS sockets. A local unprivileged user could potentially use this flaw to read privileged information from the kernel. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2012-2121, CVE-2012-3412, CVE-2012-3430, CVE-2012-3511, CVE-2012-2121, CVE-2012-3412, CVE-2012-3430, CVE-2012-3511
SHA-256 | d586707b91b4f3b225cc4d03b41b378e30ed41bca1ca9a40018facbcf323ee68
Red Hat Security Advisory 2012-0743-01
Posted Jun 18, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0743-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A local, unprivileged user could use an integer overflow flaw in drm_mode_dirtyfb_ioctl() to cause a denial of service or escalate their privileges. A buffer overflow flaw was found in the macvtap device driver, used for creating a bridged network between the guest and the host in KVM environments. A privileged guest user in a KVM guest could use this flaw to crash the host. Note: This issue only affected hosts that have the vhost_net module loaded with the experimental_zcopytx module option enabled, and that also have macvtap configured for at least one guest.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2012-0044, CVE-2012-1179, CVE-2012-2119, CVE-2012-2121, CVE-2012-2123, CVE-2012-2136, CVE-2012-2137, CVE-2012-2372, CVE-2012-2373
SHA-256 | 2480f3d6a1b6962283dd9e04ff5f1211daab9bed3388bb442c0b82afde24b21d
Ubuntu Security Notice USN-1476-1
Posted Jun 16, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1476-1 - Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation. A remote NFS server (attacker) could exploit this flaw to cause a denial of service. A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. Schacher Raindel discovered a flaw in the Linux kernel's memory handling when hugetlb is enabled. An unprivileged local attacker could exploit this flaw to cause a denial of service and potentially gain higher privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-4131, CVE-2012-2121, CVE-2012-2133, CVE-2012-2313, CVE-2012-2319, CVE-2012-2383, CVE-2012-2384, CVE-2011-4131, CVE-2012-2121, CVE-2012-2133, CVE-2012-2313, CVE-2012-2319, CVE-2012-2383, CVE-2012-2384
SHA-256 | 7e88c5c50cfacbb71a7657d5d285ae7ef0a77ecd41daf8b7ac21c03f027c2faf
Ubuntu Security Notice USN-1474-1
Posted Jun 13, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1474-1 - A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. Schacher Raindel discovered a flaw in the Linux kernel's memory handling when hugetlb is enabled. An unprivileged local attacker could exploit this flaw to cause a denial of service and potentially gain higher privileges. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-2121, CVE-2012-2133, CVE-2012-2313, CVE-2012-2319, CVE-2012-2383, CVE-2012-2384, CVE-2012-2121, CVE-2012-2133, CVE-2012-2313, CVE-2012-2319, CVE-2012-2383, CVE-2012-2384
SHA-256 | 2d5343fc89a692c19ed11b334ba4b0df5a097846854827f35c28ae14164dbb27
Ubuntu Security Notice USN-1473-1
Posted Jun 13, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1473-1 - A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. Schacher Raindel discovered a flaw in the Linux kernel's memory handling when hugetlb is enabled. An unprivileged local attacker could exploit this flaw to cause a denial of service and potentially gain higher privileges. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-2121, CVE-2012-2133, CVE-2012-2313, CVE-2012-2319, CVE-2012-2383, CVE-2012-2384, CVE-2012-2121, CVE-2012-2133, CVE-2012-2313, CVE-2012-2319, CVE-2012-2383, CVE-2012-2384
SHA-256 | 81d3a2a077480cf1117a02dfa200875f7fded1ed31d2e392913b7e65247c5b87
Ubuntu Security Notice USN-1472-1
Posted Jun 12, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1472-1 - Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation. A remote NFS server (attacker) could exploit this flaw to cause a denial of service. A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. Schacher Raindel discovered a flaw in the Linux kernel's memory handling when hugetlb is enabled. An unprivileged local attacker could exploit this flaw to cause a denial of service and potentially gain higher privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-4131, CVE-2012-2121, CVE-2012-2133, CVE-2012-2313, CVE-2012-2319, CVE-2012-2383, CVE-2012-2384, CVE-2011-4131, CVE-2012-2121, CVE-2012-2133, CVE-2012-2313, CVE-2012-2319, CVE-2012-2383, CVE-2012-2384
SHA-256 | f6b10b2fbdb528f442cb96e52f6df2940c5be1eeabed260818c6143b69ef8d30
Ubuntu Security Notice USN-1470-1
Posted Jun 12, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1470-1 - Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation. A remote NFS server (attacker) could exploit this flaw to cause a denial of service. A flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-4131, CVE-2012-1601, CVE-2012-2121, CVE-2012-2123, CVE-2012-2133, CVE-2011-4131, CVE-2012-1601, CVE-2012-2121, CVE-2012-2123, CVE-2012-2133
SHA-256 | fe6b359af2c687cda0fce023e8e9c9304bee201b1d57cb22fcf7188bb397c2c7
Ubuntu Security Notice USN-1471-1
Posted Jun 12, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1471-1 - Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation. A remote NFS server (attacker) could exploit this flaw to cause a denial of service. A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. Schacher Raindel discovered a flaw in the Linux kernel's memory handling when hugetlb is enabled. An unprivileged local attacker could exploit this flaw to cause a denial of service and potentially gain higher privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-4131, CVE-2012-2121, CVE-2012-2133, CVE-2012-2313, CVE-2012-2319, CVE-2012-2383, CVE-2012-2384, CVE-2011-4131, CVE-2012-2121, CVE-2012-2133, CVE-2012-2313, CVE-2012-2319, CVE-2012-2383, CVE-2012-2384
SHA-256 | 5da40a81e209efaa88fb4ba0a92153988d80335c08397b33d2a9d2f74e48edc2
Ubuntu Security Notice USN-1457-1
Posted Jun 1, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1457-1 - Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation. A remote NFS server (attacker) could exploit this flaw to cause a denial of service. A flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-4131, CVE-2012-1601, CVE-2012-2121, CVE-2012-2123, CVE-2012-2133, CVE-2011-4131, CVE-2012-1601, CVE-2012-2121, CVE-2012-2123, CVE-2012-2133
SHA-256 | 649c25f1d00b47ba22234b57faaf20821809ce2e942e784a0f40d1efe1ac41dc
Red Hat Security Advisory 2012-0676-01
Posted May 22, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0676-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel. A flaw was found in the way the KVM_CREATE_IRQCHIP ioctl was handled. Calling this ioctl when at least one virtual CPU already existed could lead to a NULL pointer dereference later when the VCPU is scheduled to run. A malicious user in the kvm group on the host could use this flaw to crash the host. A flaw was found in the way device memory was handled during guest device removal. Upon successful device removal, memory used by the device was not properly unmapped from the corresponding IOMMU or properly released from the kernel, leading to a memory leak. A malicious user in the kvm group on the host who has the ability to assign a device to a guest could use this flaw to crash the host.

tags | advisory, kernel, memory leak
systems | linux, redhat
advisories | CVE-2012-1601, CVE-2012-2121
SHA-256 | 5ec712624114bd7a62ded7e3e13e0b431d5a90f25d887258c19bd6583197a38e
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close