#VU92813 Resource management errors in Linux kernel - CVE-2012-1601

Cybersecurity Help s.r.o.

Published: 2012-05-17 | Updated: 2018-01-05

Vulnerability identifier: #VU92813

Vulnerability risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2012-1601

CWE-ID: CWE-399

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The KVM implementation in the Linux kernel before 3.3.6 allows host OS users to cause a denial of service (NULL pointer dereference and host OS crash) by making a KVM_CREATE_IRQCHIP ioctl call after a virtual CPU already exists.

Mitigation
Install update from vendor's repository.

Vulnerable software versions

Linux kernel: All versions

External links
https://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html
https://rhn.redhat.com/errata/RHSA-2012-0571.html
https://rhn.redhat.com/errata/RHSA-2012-0676.html
https://secunia.com/advisories/49928
https://www.debian.org/security/2012/dsa-2469
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.6
https://www.openwall.com/lists/oss-security/2012/03/30/1
https://www.securitytracker.com/id?1026897
https://bugzilla.redhat.com/show_bug.cgi?id=808199
https://github.com/torvalds/linux/commit/9c895160d25a76c21b65bad141b08e8d4f99afef
https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Resource management errors in Linux kernel