CVE-2012-4461 : The KVM subsystem in the Linux kernel before 3.6.9, when running on hosts that use qemu userspace without XSAVE, allows

The KVM subsystem in the Linux kernel before 3.6.9, when running on hosts that use qemu userspace without XSAVE, allows local users to cause a denial of service (kernel OOPS) by using the KVM_SET_SREGS ioctl to set the X86_CR4_OSXSAVE bit in the guest cr4 register, then calling the KVM_RUN ioctl.

Published 2013-01-22 23:55:03

Updated 2023-02-13 00:26:15

Source Red Hat, Inc.

View at NVD, CVE.org

Vulnerability category: Denial of service

Exploit prediction scoring system (EPSS) score for CVE-2012-4461

Probability of exploitation activity in the next 30 days: 0.04%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2012-4461

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
1.9	LOW	AV:L/AC:M/Au:N/C:N/I:N/A:P	3.4	2.9	NIST
Access Vector: Local Access Complexity: Medium Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial

References for CVE-2012-4461

http://www.openwall.com/lists/oss-security/2012/11/06/14

oss-security - CVE-2012-4461 -- kernel: kvm: invalid opcode oops on SET_SREGS with OSXSAVE bit set
http://www.securityfocus.com/bid/56414

Linux Kernel KVM CVE-2012-4461 Local Denial of Service Vulnerability
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.6.9
https://bugzilla.redhat.com/show_bug.cgi?id=862900

862900 – (CVE-2012-4461) CVE-2012-4461 kernel: kvm: invalid opcode oops on SET_SREGS with OSXSAVE bit set
https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html

SUSE-SU-2012:1679-1

CVEs referencing this url
http://article.gmane.org/gmane.comp.emulators.kvm.devel/100742
http://rhn.redhat.com/errata/RHSA-2013-0223.html

RHSA-2013:0223 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html

[security-announce] openSUSE-SU-2013:0925-1: important: kernel: security

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2013-0882.html

RHSA-2013:0882 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git%3Ba=commit%3Bh=6d1068b3a98519247d8ba4ec85cd40ac136dbdf9

Products affected by CVE-2012-4461

Linux » Linux Kernel
Versions up to, including, (<=) 3.6.8
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 3.6.4
cpe:2.3:o:linux:linux_kernel:3.6.4:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 3.6.5
cpe:2.3:o:linux:linux_kernel:3.6.5:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 3.6.2
cpe:2.3:o:linux:linux_kernel:3.6.2:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 3.6.3
cpe:2.3:o:linux:linux_kernel:3.6.3:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 3.6
cpe:2.3:o:linux:linux_kernel:3.6:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 3.6.1
cpe:2.3:o:linux:linux_kernel:3.6.1:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 3.6.6
cpe:2.3:o:linux:linux_kernel:3.6.6:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 3.6.7
cpe:2.3:o:linux:linux_kernel:3.6.7:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2012-4461

Exploit prediction scoring system (EPSS) score for CVE-2012-4461

CVSS scores for CVE-2012-4461

References for CVE-2012-4461

Products affected by CVE-2012-4461