CVE-2013-1935
16.07.2013, 14:08
A certain Red Hat patch to the KVM subsystem in the kernel package before 2.6.32-358.11.1.el6 on Red Hat Enterprise Linux (RHEL) 6 does not properly implement the PV EOI feature, which allows guest OS users to cause a denial of service (host OS crash) by leveraging a time window during which interrupts are disabled but copy_to_user function calls are possible.
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux | 6.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| linux |
| ||||||||
| linux-armadaxp |
| ||||||||
| linux-ec2 |
| ||||||||
| linux-fsl-imx51 |
| ||||||||
| linux-linaro-omap |
| ||||||||
| linux-linaro-shared |
| ||||||||
| linux-linaro-vexpress |
| ||||||||
| linux-lts-backport-maverick |
| ||||||||
| linux-lts-quantal |
| ||||||||
| linux-lts-raring |
| ||||||||
| linux-mvl-dove |
| ||||||||
| linux-qcm-msm |
| ||||||||
| linux-ti-omap4 |
|
References