SB2012051713 - Security restrictions bypass in Linux kernel
Published: May 17, 2012
Security Bulletin ID
SB2012051713
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Security restrictions bypass (CVE-ID: CVE-2012-2121)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The KVM implementation in the Linux kernel before 3.3.4 does not properly manage the relationships between memory slots and the iommu, which allows guest OS users to cause a denial of service (memory leak and host OS crash) by leveraging administrative access to the guest OS to conduct hotunplug and hotplug operations on devices.
Remediation
Install update from vendor's website.
References
- http://rhn.redhat.com/errata/RHSA-2012-0676.html
- http://rhn.redhat.com/errata/RHSA-2012-0743.html
- http://secunia.com/advisories/50732
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.4
- http://www.openwall.com/lists/oss-security/2012/04/19/16
- http://www.securitytracker.com/id?1027083
- http://www.ubuntu.com/usn/USN-1577-1
- http://www.ubuntu.com/usn/USN-2036-1
- http://www.ubuntu.com/usn/USN-2037-1
- https://bugzilla.redhat.com/show_bug.cgi?id=814149
- https://github.com/torvalds/linux/commit/09ca8e1173bcb12e2a449698c9ae3b86a8a10195