CVE-2013-5634 - arch/arm/kvm/arm.c in the Linux kernel before 3.10 on the ARM platform, when KVM is used, allows hos

CVE-2013-5634

Summary

arch/arm/kvm/arm.c in the Linux kernel before 3.10 on the ARM platform, when KVM is used, allows host OS users to cause a denial of service (NULL pointer dereference, OOPS, and host OS crash) or possibly have unspecified other impact by omitting vCPU initialization before a KVM_GET_REG_LIST ioctl call.

References

Vulnerable Configurations

cpe:2.3:o:linux:linux_kernel:3.9.0:*:*:*:*:*:arm64:*
cpe:2.3:o:linux:linux_kernel:3.9.0:*:*:*:*:*:arm64:*
cpe:2.3:o:linux:linux_kernel:3.9.3:*:*:*:*:*:arm64:*
cpe:2.3:o:linux:linux_kernel:3.9.3:*:*:*:*:*:arm64:*
cpe:2.3:o:linux:linux_kernel:3.9.8:*:*:*:*:*:arm64:*
cpe:2.3:o:linux:linux_kernel:3.9.8:*:*:*:*:*:arm64:*
cpe:2.3:o:linux:linux_kernel:3.9.1:*:*:*:*:*:arm64:*
cpe:2.3:o:linux:linux_kernel:3.9.1:*:*:*:*:*:arm64:*
cpe:2.3:o:linux:linux_kernel:3.9.6:*:*:*:*:*:arm64:*
cpe:2.3:o:linux:linux_kernel:3.9.6:*:*:*:*:*:arm64:*
cpe:2.3:o:linux:linux_kernel:3.9.5:*:*:*:*:*:arm64:*
cpe:2.3:o:linux:linux_kernel:3.9.5:*:*:*:*:*:arm64:*
cpe:2.3:o:linux:linux_kernel:3.9.9:*:*:*:*:*:arm64:*
cpe:2.3:o:linux:linux_kernel:3.9.9:*:*:*:*:*:arm64:*
cpe:2.3:o:linux:linux_kernel:3.9.4:*:*:*:*:*:arm64:*
cpe:2.3:o:linux:linux_kernel:3.9.4:*:*:*:*:*:arm64:*
cpe:2.3:o:linux:linux_kernel:3.9.10:*:*:*:*:*:arm64:*
cpe:2.3:o:linux:linux_kernel:3.9.10:*:*:*:*:*:arm64:*
cpe:2.3:o:linux:linux_kernel:3.9.7:*:*:*:*:*:arm64:*
cpe:2.3:o:linux:linux_kernel:3.9.7:*:*:*:*:*:arm64:*
cpe:2.3:o:linux:linux_kernel:3.9.2:*:*:*:*:*:arm64:*
cpe:2.3:o:linux:linux_kernel:3.9.2:*:*:*:*:*:arm64:*
cpe:2.3:o:linux:linux_kernel:3.9.11:*:*:*:*:*:arm64:*
cpe:2.3:o:linux:linux_kernel:3.9.11:*:*:*:*:*:arm64:*

CVSS

Base:	4.3 (as of 13-02-2023 - 04:49)
Impact:
Exploitability:

CWE

CWE-399

CAPEC

Access

Vector	Complexity	Authentication
ADJACENT_NETWORK	HIGH	SINGLE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	COMPLETE

cvss-vector via4

AV:A/AC:H/Au:S/C:N/I:N/A:C

refmap via4

bid	61995
confirm	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e8180dcaa8470ceca21109f143876fdcd9fe050a https://github.com/torvalds/linux/commit/e8180dcaa8470ceca21109f143876fdcd9fe050a https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.10.bz2
mlist	[oss-security] 20130826 Re: CVE request: Linux Kernel: ARM: KVM: NULL pointer dereferences

Last major update

13-02-2023 - 04:49

Published

25-09-2013 - 10:31

Last modified

13-02-2023 - 04:49