| Revision Date: | 2013-07-16 | Version: | 1 | | Title: | CVE-2013-1943 on Ubuntu 12.04 LTS (precise) - medium. | | Description: | The KVM subsystem in the Linux kernel before 3.0 does not check whether kernel addresses are specified during allocation of memory slots for use in a guest's physical address space, which allows local users to gain privileges or obtain sensitive information from kernel memory via a crafted application, related to arch/x86/kvm/paging_tmpl.h and virt/kvm/kvm_main.c. Michael S. Tsirkin discovered a flaw in how the Linux kernel's KVM subsystem allocates memory slots for the guest's address space. A local user could exploit this flaw to gain system privileges or obtain sensitive information from kernel memory.
| | Family: | unix | Class: | vulnerability | | Status: | | Reference(s): | CVE-2013-1943
| | Platform(s): | Ubuntu 12.04 LTS
| Product(s): | | | Definition Synopsis | | Ubuntu 12.04 LTS (precise) is installed. AND Package Information
NOT While related to the CVE in some way, the 'linux' package in precise is not affected (note: '3.1.0-1.1').
OR NOT While related to the CVE in some way, the 'linux-armadaxp' package in precise is not affected (note: '3.2.0-1600.1').
OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned').
OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned').
OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned').
OR NOT While related to the CVE in some way, the 'linux-lts-quantal' package in precise is not affected (note: '3.5.0-18.29~precise1').
OR NOT While related to the CVE in some way, the 'linux-lts-raring' package in precise is not affected (note: '3.8.0-19.30~precise1').
OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned').
OR NOT While related to the CVE in some way, the 'linux-ti-omap4' package in precise is not affected (note: '3.0.0-1401.2').
|
|