CVE-2013-1797

Priority
Description
Use-after-free vulnerability in arch/x86/kvm/x86.c in the Linux kernel
through 3.8.4 allows guest OS users to cause a denial of service (host OS
memory corruption) or possibly have unspecified other impact via a crafted
application that triggers use of a guest physical address (GPA) in (1)
movable or (2) removable memory during an MSR_KVM_SYSTEM_TIME
kvm_set_msr_common operation.
Ubuntu-Description
Andrew Honig discovered a use after free error in guest OS time updates in
the Linux kernel's KVM (Kernel-based Virtual Machine). A privileged guest
user could exploit this flaw to escalate privilege to the host kernel
level.
Notes
 jdstrand> ignored on phablet kernels (too intrusive to backport and they don't
  support KVM)
Assigned-to
jjohansen
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (3.9~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (3.11.0-12.19)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.2.0-16.19)
Patches:
Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2Fixed by 0b79459b482e85cb7426aa7da683a9f2c97aeae1
Package
Upstream:released (3.9~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (kvm specific issue)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (kvm specific issue)
Package
Upstream:released (3.9~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):ignored (was needed now end-of-life)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (3.4.0-4.23)
Package
Upstream:released (3.9~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):ignored (see note)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Patches:
Package
Upstream:released (3.9~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (3.16.0-25.33~14.04.2)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (3.19.0-18.18~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):ignored (see note)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (kvm specific issue)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (kvm specific issue)
Package
Upstream:released (3.9~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (kvm specific issue)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (kvm specific issue)
Package
Upstream:released (3.9~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (3.9~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.2.0-1014.21)
Package
Upstream:released (3.9~rc4)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
More Information

Updated: 2019-03-19 12:09:57 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)