Marcelo Tosatti

4 exploits Active since Jul 2012
CVE-2012-0045 WRITEUP WRITEUP
Linux Kernel < 3.2.14 - Denial of Service via KVM em_syscall Opcode Handling
The em_syscall function in arch/x86/kvm/emulate.c in the KVM implementation in the Linux kernel before 3.2.14 does not properly handle the 0f05 (aka syscall) opcode, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application, as demonstrated by an NASM file.
CVE-2015-3214 WRITEUP WRITEUP
Linux Kernel < 2.6.33 & QEMU < 2.3.1 - Use After Free
The pit_ioport_read function in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might allow guest OS users to execute arbitrary code on the host OS by triggering use of an invalid index.
CVE-2013-4592 WRITEUP WRITEUP
Linux Kernel < 3.9 - Denial of Service via Memory Leak in __kvm_set_memory_region
Memory leak in the __kvm_set_memory_region function in virt/kvm/kvm_main.c in the Linux kernel before 3.9 allows local users to cause a denial of service (memory consumption) by leveraging certain device access to trigger movement of memory slots.
EIP-2026-102655 EXPLOITDB text WRITEUP
Linux Kernel 2.6.x - KVM 'pit_ioport_read()' Local Denial of Service