4.9

CVE-2012-2121

EPSS 0.13%
Published 17.05.2012 11:00:38
Last modified 11.04.2025 00:51:21
Source secalert@redhat.com
Teams watchlist Login
Open Login

The KVM implementation in the Linux kernel before 3.3.4 does not properly manage the relationships between memory slots and the iommu, which allows guest OS users to cause a denial of service (memory leak and host OS crash) by leveraging administrative access to the guest OS to conduct hotunplug and hotplug operations on devices.

Affected products Warnungen 0 Metrics 2 CWE 0 References 14

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version <= 3.3.3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.13%	0.329

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.9	3.9	6.9	AV:L/AC:L/Au:N/C:N/I:N/A:C

http://rhn.redhat.com/errata/RHSA-2012-0743.html

http://rhn.redhat.com/errata/RHSA-2012-0676.html

http://secunia.com/advisories/50732

http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.4

http://www.openwall.com/lists/oss-security/2012/04/19/16

http://www.securitytracker.com/id?1027083

http://www.ubuntu.com/usn/USN-1577-1

http://www.ubuntu.com/usn/USN-2036-1

http://www.ubuntu.com/usn/USN-2037-1

https://bugzilla.redhat.com/show_bug.cgi?id=814149

https://github.com/torvalds/linux/commit/09ca8e1173bcb12e2a449698c9ae3b86a8a10195

https://nvd.nist.gov/vuln/detail/CVE-2012-2121

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-2121

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-2121

EUVD