4.9

CVE-2012-2121

EPSS 0.13%
Veröffentlicht 17.05.2012 11:00:38
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle secalert@redhat.com
Teams Watchlist Login
Unerledigt Login

The KVM implementation in the Linux kernel before 3.3.4 does not properly manage the relationships between memory slots and the iommu, which allows guest OS users to cause a denial of service (memory leak and host OS crash) by leveraging administrative access to the guest OS to conduct hotunplug and hotplug operations on devices.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 14

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version <= 3.3.3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.13%	0.329

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.9	3.9	6.9	AV:L/AC:L/Au:N/C:N/I:N/A:C

http://rhn.redhat.com/errata/RHSA-2012-0743.html

http://rhn.redhat.com/errata/RHSA-2012-0676.html

http://secunia.com/advisories/50732

http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.4

http://www.openwall.com/lists/oss-security/2012/04/19/16

http://www.securitytracker.com/id?1027083

http://www.ubuntu.com/usn/USN-1577-1

http://www.ubuntu.com/usn/USN-2036-1

http://www.ubuntu.com/usn/USN-2037-1

https://bugzilla.redhat.com/show_bug.cgi?id=814149

https://github.com/torvalds/linux/commit/09ca8e1173bcb12e2a449698c9ae3b86a8a10195

https://nvd.nist.gov/vuln/detail/CVE-2012-2121

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-2121

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-2121

EUVD