4.9
CVE-2012-2121
- EPSS 0.41%
- Veröffentlicht 17.05.2012 11:00:38
- Zuletzt bearbeitet 16.06.2026 23:41:01
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
The KVM implementation in the Linux kernel before 3.3.4 does not properly manage the relationships between memory slots and the iommu, which allows guest OS users to cause a denial of service (memory leak and host OS crash) by leveraging administrative access to the guest OS to conduct hotunplug and hotplug operations on devices.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version <= 3.3.3
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.41% | 0.328 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.9 | 3.9 | 6.9 |
AV:L/AC:L/Au:N/C:N/I:N/A:C
|
http://rhn.redhat.com/errata/RHSA-2012-0743.html
http://rhn.redhat.com/errata/RHSA-2012-0676.html
http://secunia.com/advisories/50732
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.4
http://www.openwall.com/lists/oss-security/2012/04/19/16
http://www.securitytracker.com/id?1027083
http://www.ubuntu.com/usn/USN-1577-1
http://www.ubuntu.com/usn/USN-2036-1
http://www.ubuntu.com/usn/USN-2037-1
https://bugzilla.redhat.com/show_bug.cgi?id=814149
https://github.com/torvalds/linux/commit/09ca8e1173bcb12e2a449698c9ae3b86a8a10195