oss-sec mailing list archives
CVE request: Linux Kernel: ARM: KVM: NULL pointer dereferences
From: P J P <ppandit () redhat com>
Date: Mon, 26 Aug 2013 18:20:39 +0530 (IST)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello,Linux kernel built for the ARM(CONFIG_ARM) platform along with the Kernel based Virtual Machine support(CONFIG_KVM), is vulnerable to a NULL pointer dereference flaw. It occurs while performing an ioctl(KVM_GET_REG_LIST) call on the KVM device, without first properly initialising a vCPU.
An unprivileged user/program could use this flaw to crash the kernel resulting in DoS.
Upstream fix: - ------------- -> https://git.kernel.org/linus/e8180dcaa8470ceca21109f143876fdcd9fe050a Thank you. - -- Prasad J Pandit / Red Hat Security Response Team DB7A 84C5 D3F9 7CD1 B5EB C939 D048 7860 3655 602B -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iQIcBAEBAgAGBQJSG08fAAoJENBIeGA2VWArjdEP/j48jh4JXwQ6C8QgPfbR68T1 LmKy4msORq5GDTzmUezMG9bU5LcGLb3TwLEn3KT015t+ivf4uOMEhkwTcoeflNYG Scjf060soX1s4wC/5X8iD85y7rUeMGiytCDqOqURlBRyR4gMwEYsP9+QYRQNWXhr 2ZT2puOedF06/sC5P9SfBEN33kRe7hgi3x1w9wEau0wBvkBKRDwekuhYYPtq0soE zxW35xWHS03DdLSxGUrr1oB9No+ZduPlV4U6mmXJlITQhXUjyAF0tbOrwXtoYDIz hRhAeiwBSyadSasrekdovFZa1UvRGHru6coUzoO6N0HDbqkooHuz4ZGikQ7Ahj19 E9OnabBIlQWRa+QxvWp2NwqoPuRP4jKGcMRQEB1VbGDJ/HV0dRLxvF2MtnYzp5uv TlPUVDRTfwk5UIQUTj0j1zsBaCJU+orxDwbnxXJ9+T993CPYYzkfxaYhtd6q5KBx XPlfcnddOYFfONxPbMt/n2WG81e/XKfU8E2qdiFD0rByxbodlCj0gelMtJ+OGpXK lIumz9JFNXZngfziq4x2kNCX+UB+oootDTxLgrJYN2CSUGWtcAWvmG/XOEr5O36C n8C6gkRjNMrGXEUYiv0kXO5+ayK02TeZE4l7r0XYlQIUFxXkqXpWBlVGSSq+G77g N8e9KKF02cScY2Mi2KIJ =4Xq6 -----END PGP SIGNATURE-----
Current thread:
- CVE request: Linux Kernel: ARM: KVM: NULL pointer dereferences P J P (Aug 26)
- Re: CVE request: Linux Kernel: ARM: KVM: NULL pointer dereferences cve-assign (Aug 26)