CVE-2012-2121
Priority
Medium
Description
The KVM implementation in the Linux kernel before 3.3.4 does not properly
manage the relationships between memory slots and the iommu, which allows
guest OS users to cause a denial of service (memory leak and host OS crash)
by leveraging administrative access to the guest OS to conduct hotunplug
and hotplug operations on devices.
manage the relationships between memory slots and the iommu, which allows
guest OS users to cause a denial of service (memory leak and host OS crash)
by leveraging administrative access to the guest OS to conduct hotunplug
and hotplug operations on devices.
Ubuntu-Description
A flaw was discovered in the Linux kernel's KVM (kernel virtual machine).
An administrative user in the guest OS could leverage this flaw to cause a
denial of service in the host OS.
An administrative user in the guest OS could leverage this flaw to cause a
denial of service in the host OS.
References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2121
http://www.openwall.com/lists/oss-security/2012/04/19/16
https://lkml.org/lkml/2012/4/11/248
http://www.ubuntu.com/usn/usn-1457-1
http://www.ubuntu.com/usn/usn-1470-1
http://www.ubuntu.com/usn/usn-1471-1
http://www.ubuntu.com/usn/usn-1472-1
http://www.ubuntu.com/usn/usn-1473-1
http://www.ubuntu.com/usn/usn-1474-1
http://www.ubuntu.com/usn/usn-1476-1
http://www.ubuntu.com/usn/usn-1260-1
http://www.ubuntu.com/usn/usn-1577-1
http://www.openwall.com/lists/oss-security/2012/04/19/16
https://lkml.org/lkml/2012/4/11/248
http://www.ubuntu.com/usn/usn-1457-1
http://www.ubuntu.com/usn/usn-1470-1
http://www.ubuntu.com/usn/usn-1471-1
http://www.ubuntu.com/usn/usn-1472-1
http://www.ubuntu.com/usn/usn-1473-1
http://www.ubuntu.com/usn/usn-1474-1
http://www.ubuntu.com/usn/usn-1476-1
http://www.ubuntu.com/usn/usn-1260-1
http://www.ubuntu.com/usn/usn-1577-1
Package
| Upstream: | released (3.4~rc4) |
| Ubuntu 10.04 LTS (Lucid Lynx): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | released (3.2.0-1604.7) |
| Ubuntu 12.10 (Quantal Quetzal): | not-affected (3.2.0-1604.7) |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |
Package
| Upstream: | released (3.4~rc4) |
| Ubuntu 10.04 LTS (Lucid Lynx): | deferred |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |
Package
| Upstream: | released (3.4~rc4) |
| Ubuntu 10.04 LTS (Lucid Lynx): | released (3.0.0-21.35~lucid1) |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |
Package
| Upstream: | released (3.4~rc4) |
| Ubuntu 10.04 LTS (Lucid Lynx): | released (2.6.38-15.60~lucid1) |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |
Package
| Upstream: | DNE |
| Ubuntu 10.04 LTS (Lucid Lynx): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | not-affected |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |
Patches:
Package
| Upstream: | released (3.4~rc4) |
| Ubuntu 10.04 LTS (Lucid Lynx): | ignored (reached end-of-life) |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |
Package
| Upstream: | released (3.4~rc4) |
| Ubuntu 10.04 LTS (Lucid Lynx): | ignored (reached end-of-life) |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |
Package
| Upstream: | released (3.4~rc4) |
| Ubuntu 10.04 LTS (Lucid Lynx): | deferred |
| Ubuntu 12.04 LTS (Precise Pangolin): | released (3.2.0-25.40) |
| Ubuntu 12.10 (Quantal Quetzal): | not-affected (3.4.0-1.1) |
| Ubuntu 13.04 (Raring Ringtail): | not-affected (3.4.0-1.1) |
| Ubuntu 13.10 (Saucy Salamander): | not-affected (3.4.0-1.1) |
Patches:
| Upstream: | http://git.kernel.org/?p=virt/kvm/kvm.git;a=commit;h=32f6daad4651a748a58a3ab6da0611862175722f |
Package
| Upstream: | released (3.4~rc4) |
| Ubuntu 10.04 LTS (Lucid Lynx): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | released (3.2.0-1414.19) |
| Ubuntu 12.10 (Quantal Quetzal): | not-affected (3.4.0-201.3) |
| Ubuntu 13.04 (Raring Ringtail): | not-affected (3.4.0-201.3) |
| Ubuntu 13.10 (Saucy Salamander): | not-affected (3.4.0-201.3) |
Package
| Upstream: | released (3.4~rc4) |
| Ubuntu 10.04 LTS (Lucid Lynx): | needed |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |
Package
| Upstream: | released (3.4~rc4) |
| Ubuntu 10.04 LTS (Lucid Lynx): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | not-affected |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |