CVE-2013-1796 (retired)

Priority
Description
The kvm_set_msr_common function in arch/x86/kvm/x86.c in the Linux kernel
through 3.8.4 does not ensure a required time_page alignment during an
MSR_KVM_SYSTEM_TIME operation, which allows guest OS users to cause a
denial of service (buffer overflow and host OS memory corruption) or
possibly have unspecified other impact via a crafted application.
Ubuntu-Description
Andrew Honig discovered a flaw in guest OS time updates in the Linux
kernel's KVM (Kernel-based Virtual Machine). A privileged guest user could
exploit this flaw to cause a denial of service (crash host system) or
potential escalate privilege to the host kernel level.
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (3.9~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):released (3.2.0-41.66)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.2.0-16.19)
Patches:
Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2Fixed by c300aa64ddf57d9c5d9c898a64b36877345dd4a9
Package
Upstream:released (3.9~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was not-affected [kvm specific issue])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (3.9~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1001.10)
Package
Upstream:released (3.9~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (kvm specific issue)
Package
Upstream:released (3.9~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1003.3)
Package
Upstream:released (3.9~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (3.4.0-4.27)
Package
Upstream:released (3.9~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.8.0-36.36~16.04.1)
Package
Upstream:released (3.9~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.8.0-36.36~16.04.1)
Product
linux-krillin:ignored (was pending [1.0] now end-of-life)
Package
Upstream:not-affected (kvm specific issue)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [abandoned])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [abandoned])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [abandoned])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was released [3.5.0-28.48~precise1])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Patches:
Package
Upstream:released (3.9~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was not-affected [3.8.0-19.30~precise1])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):not-affected (3.13.0-24.46~precise1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (kvm specific issue)
Package
Upstream:released (3.9~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [abandoned])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.2.0-1013.19)
Package
Upstream:released (3.9~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1012.12)
Package
Upstream:released (3.9~rc4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was not-affected [kvm specific issue])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Product
linux-vegetahd:ignored (was pending [1.0] now end-of-life)
More Information

Updated: 2019-09-19 15:44:01 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)