[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] Re: CVE request: Linux Kernel: ARM: KVM: NULL pointer dereferences
From:       cve-assign () mitre ! org
Date:       2013-08-26 16:52:26
Message-ID: 201308261652.r7QGqQvm004300 () linus ! mitre ! org
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> Linux kernel built for the ARM(CONFIG_ARM) platform along with the Kernel
> based Virtual Machine support(CONFIG_KVM), is vulnerable to a NULL pointer
> dereference flaw. It occurs while performing an ioctl(KVM_GET_REG_LIST) call
> on the KVM device, without first properly initialising a vCPU.
> 
> An unprivileged user/program could use this flaw to crash the kernel resulting
> in DoS.
> 
> Upstream fix:
>   -> https://git.kernel.org/linus/e8180dcaa8470ceca21109f143876fdcd9fe050a

Use CVE-2013-5634.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJSG4afAAoJEGvefgSNfHMdiiUH/R9Y7Hn2tI0UUFA0FJluFNdx
xgZ0u1hxFkpEJ69O6FM5qKmH+TSfF/Jq27WIIjAwLPYA44bAqn3VeVukt/VpZPQj
FCHGcJIDNnwV8n+R29rUPUMQ6VaENDM0aJSWuDlo3puTndNiXX/6vGyh1QXNBfBm
uQHjvwIpOOErQibj2yReJoRJeIZkOJyf8oxJYp0yc+oE1ICbJ+yCCVfTCNBOQXhW
U6EzqiMKAsg1+IgMgJXlD9imf8q8X7kDGnhMq/iWzODeFTpNXtgtAEVp5Ng0irNm
08/zGfMH8F2u+OxFIwzcOc4Y+GYXUcGHHS2GKT399HXwrLUt64sxL5fOots/YxM=
=cONI
-----END PGP SIGNATURE-----
[prev in list] [next in list] [prev in thread] [next in thread]