ID CVE-2011-4622
Summary The create_pit_timer function in arch/x86/kvm/i8254.c in KVM 83, and possibly other versions, does not properly handle Programmable Interval Timer (PIT) interrupt requests (IRQs) when a virtual interrupt controller (irqchip) is not available, which allows local users to cause a denial of service (NULL pointer dereference) by starting a timer.
References
Vulnerable Configurations
  • cpe:2.3:a:redhat:kvm:83:*:*:*:*:*:*:*
CVSS
Base: 4.9 (as of 29-12-2017 - 02:29)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
  • Vector: LOCAL
  • Complexity: LOW
  • Authentication: NONE
Impact
  • Confidentiality: NONE
  • Integrity: NONE
  • Availability: COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:N/I:N/A:C
redhat via4
advisories
rhsa
id RHSA-2012:0051
rpms
  • kmod-kvm-0:83-239.el5_7.1
  • kmod-kvm-debug-0:83-239.el5_7.1
  • kvm-0:83-239.el5_7.1
  • kvm-qemu-img-0:83-239.el5_7.1
  • kvm-tools-0:83-239.el5_7.1
  • kernel-0:2.6.32-220.7.1.el6
  • kernel-bootwrapper-0:2.6.32-220.7.1.el6
  • kernel-debug-0:2.6.32-220.7.1.el6
  • kernel-debug-devel-0:2.6.32-220.7.1.el6
  • kernel-devel-0:2.6.32-220.7.1.el6
  • kernel-doc-0:2.6.32-220.7.1.el6
  • kernel-firmware-0:2.6.32-220.7.1.el6
  • kernel-headers-0:2.6.32-220.7.1.el6
  • kernel-kdump-0:2.6.32-220.7.1.el6
  • kernel-kdump-devel-0:2.6.32-220.7.1.el6
  • perf-0:2.6.32-220.7.1.el6
  • python-perf-0:2.6.32-220.7.1.el6
refmap via4
bid 51172
confirm https://bugzilla.redhat.com/show_bug.cgi?id=769721
mlist
  • [kvm] 20111214 [PATCH 1/2] KVM: x86: Prevent starting PIT timers in the absence of irqchip support
  • [oss-security] 20111221 Re: kernel: kvm: pit timer with no irqchip crashes the system
sectrack 1026559
suse
  • SUSE-SU-2012:0616
  • openSUSE-SU-2013:0925
Last major update 29-12-2017 - 02:29
Published 27-01-2012 - 15:55