CVE-2012-4461
low
CVSS v3
—
CVSS v2
1.9
VIR risk
1.9
Description
The KVM subsystem in the Linux kernel before 3.6.9, when running on hosts that use qemu userspace without XSAVE, allows local users to cause a denial of service (kernel OOPS) by using the KVM_SET_SREGS ioctl to set the X86_CR4_OSXSAVE bit in the guest cr4 register, then calling the KVM_RUN ioctl.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2012-4461
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| debian | bookworm | fixed | 3.2.35-1 |
| debian | bullseye | fixed | 3.2.35-1 |
| debian | forky | fixed | 3.2.35-1 |
| debian | sid | fixed | 3.2.35-1 |
| debian | trixie | fixed | 3.2.35-1 |
| linux-kernel | affected | | |
| linux-kernel | 3.6 | affected | |
| linux-kernel | 3.6.1 | affected | |
| linux-kernel | 3.6.2 | affected | |
| linux-kernel | 3.6.3 | affected | |
| linux-kernel | 3.6.4 | affected | |
| linux-kernel | 3.6.5 | affected | |
| linux-kernel | 3.6.6 | affected | |
| linux-kernel | 3.6.7 | affected | |
References
- http://article.gmane.org/gmane.comp.emulators.kvm.devel/100742
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git%3Ba=commit%3Bh=6d1068b3a98519247d8ba4ec85cd40ac136dbdf9
- http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html
- http://rhn.redhat.com/errata/RHSA-2013-0223.html
- http://rhn.redhat.com/errata/RHSA-2013-0882.html
- http://secunia.com/advisories/51160
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.6.9
- http://www.openwall.com/lists/oss-security/2012/11/06/14
- http://www.securityfocus.com/bid/56414
- https://bugzilla.redhat.com/show_bug.cgi?id=862900
- https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html
- https://security-tracker.debian.org/tracker/CVE-2012-4461
Verify integrity in audit chain (admin only). AS-IS.