CVE-2012-2137

Linux Kernel < 3.2.24 - Buffer Overflow in KVM MSI Routing Entry Setup

Title source: llm
STIX 2.1

Description

Buffer overflow in virt/kvm/irq_comm.c in the KVM subsystem in the Linux kernel before 3.2.24 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to Message Signaled Interrupts (MSI), irq routing entries, and an incorrect check by the setup_routing_entry function before invoking the kvm_set_irq function.

References (15)

Core 15
Core References
Issue Tracking, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=816151
Third Party Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2012-0743.html
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1606-1
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1594-1
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/50961
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://ubuntu.com/usn/usn-1607-1
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1609-1
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://ubuntu.com/usn/usn-1529-1
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/50952
Mailing List, Third Party Advisory vendor-advisory x_refsource_hp
http://marc.info/?l=bugtraq&m=139447903326211&w=2
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/54063

Scores

EPSS 0.0052
EPSS Percentile 40.6%

Details

CWE
CWE-119
Status published
Products (4)
canonical/ubuntu_linux 10.04
canonical/ubuntu_linux 11.10
canonical/ubuntu_linux 12.04
linux/linux_kernel 2.6.33 - 3.0.72
Published Jan 22, 2013
Tracked Since Feb 18, 2026