CVE-2011-4347

MEDIUM
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The kvm_vm_ioctl_assign_device function in virt/kvm/assigned-dev.c in the KVM subsystem in the Linux kernel before 3.1.10 does not verify permission to access PCI configuration space and BAR resources, which allows host OS users to assign PCI devices and cause a denial of service (host OS crash) via a KVM_ASSIGN_PCI_DEVICE operation.

References

http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1.10

http://www.openwall.com/lists/oss-security/2011/11/24/7

https://bugzilla.redhat.com/show_bug.cgi?id=756084

https://github.com/torvalds/linux/commit/c4e7f9022e506c6635a5037713c37118e23193e4

Details

Source: MITRE

Published: 2013-06-08

Updated: 2013-06-10

Type: CWE-264

Risk Information

CVSS v2

Base Score: 4

Vector: AV:L/AC:H/Au:N/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 1.9

Severity: MEDIUM

Tenable Plugins

View all (26 total)

IDNameProductFamilySeverity
79283RHEL 5 : rhev-hypervisor5 (RHSA-2012:0168)NessusRed Hat Local Security Checks
high
69662Amazon Linux AMI : kernel (ALAS-2012-55)NessusAmazon Linux Local Security Checks
high
68669Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2012-2003)NessusOracle Linux Local Security Checks
high
68491Oracle Linux 6 : kernel (ELSA-2012-0350)NessusOracle Linux Local Security Checks
high
68466Oracle Linux 5 : kvm (ELSA-2012-0149)NessusOracle Linux Local Security Checks
medium
64044RHEL 6 : kernel (RHSA-2012:1042)NessusRed Hat Local Security Checks
high
64028RHEL 5 : kvm (RHSA-2012:0149)NessusRed Hat Local Security Checks
medium
61277Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20120306)NessusScientific Linux Local Security Checks
high
61267Scientific Linux Security Update : kvm on SL5.x x86_64 (20120221)NessusScientific Linux Local Security Checks
medium
59034Ubuntu 10.04 LTS : linux-lts-backport-natty vulnerabilities (USN-1440-1)NessusUbuntu Local Security Checks
critical
58947Ubuntu 10.04 LTS : linux-lts-backport-oneiric vulnerabilities (USN-1433-1)NessusUbuntu Local Security Checks
critical
58946Ubuntu 11.10 : linux vulnerabilities (USN-1431-1)NessusUbuntu Local Security Checks
critical
58871Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1426-1)NessusUbuntu Local Security Checks
high
58870Ubuntu 10.04 LTS : linux vulnerabilities (USN-1425-1)NessusUbuntu Local Security Checks
high
58742Ubuntu 11.04 : linux vulnerabilities (USN-1422-1)NessusUbuntu Local Security Checks
critical
58741Ubuntu 10.04 LTS : linux-lts-backport-maverick vulnerabilities (USN-1421-1)NessusUbuntu Local Security Checks
critical
58497Ubuntu 10.04 LTS : linux-lts-backport-oneiric vulnerabilities (USN-1409-1)NessusUbuntu Local Security Checks
medium
58495Ubuntu 10.10 : linux vulnerabilities (USN-1407-1)NessusUbuntu Local Security Checks
critical
58494Ubuntu 11.04 : linux vulnerabilities (USN-1406-1)NessusUbuntu Local Security Checks
critical
58493Ubuntu 11.10 : linux vulnerabilities (USN-1405-1)NessusUbuntu Local Security Checks
critical
58486Debian DSA-2443-1 : linux-2.6 - privilege escalation/denial of serviceNessusDebian Local Security Checks
high
58275CentOS 6 : kernel (CESA-2012:0350)NessusCentOS Local Security Checks
high
58270Ubuntu 10.04 LTS : linux vulnerabilities (USN-1389-1)NessusUbuntu Local Security Checks
high
58261RHEL 6 : kernel (RHSA-2012:0350)NessusRed Hat Local Security Checks
high
57547Fedora 16 : kernel-3.1.8-2.fc16 (2012-0363)NessusFedora Local Security Checks
medium
801513CentOS RHSA-2012-0350 Security CheckLog Correlation EngineGeneric
high