CVE-2013-1935
Red Hat Enterprise Linux 6 - Denial of Service via KVM PV EOI Feature Race Condition
Title source: llmDescription
A certain Red Hat patch to the KVM subsystem in the kernel package before 2.6.32-358.11.1.el6 on Red Hat Enterprise Linux (RHEL) 6 does not properly implement the PV EOI feature, which allows guest OS users to cause a denial of service (host OS crash) by leveraging a time window during which interrupts are disabled but copy_to_user function calls are possible.
References (3)
Core 3
Core References
Vendor Advisory vendor-advisory
x_refsource_redhat
https://rhn.redhat.com/errata/RHSA-2013-0907.html
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=949981
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-0911.html
Scores
EPSS
0.0049
EPSS Percentile
38.2%
Details
CWE
CWE-362
Status
published
Products (1)
redhat/enterprise_linux
6.0
Published
Jul 16, 2013
Tracked Since
Feb 18, 2026