CVE-2013-5634

Published Sep 25, 2013

Last updated 2 years ago

Overview

Description: arch/arm/kvm/arm.c in the Linux kernel before 3.10 on the ARM platform, when KVM is used, allows host OS users to cause a denial of service (NULL pointer dereference, OOPS, and host OS crash) or possibly have unspecified other impact by omitting vCPU initialization before a KVM_GET_REG_LIST ioctl call.
Source: secalert@redhat.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 6.9
Exploitability score: 2.5
Vector string: AV:A/AC:H/Au:S/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-399

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:arm64:*",
            "vulnerable": true,
            "matchCriteriaId": "7EB94BEB-9A72-41A5-8B5B-1D2211413B28",
            "versionEndIncluding": "3.9.11"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.9.0:*:*:*:*:*:arm64:*",
            "vulnerable": true,
            "matchCriteriaId": "59E39242-8051-4018-82BC-F7F2C52749E0"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.9.1:*:*:*:*:*:arm64:*",
            "vulnerable": true,
            "matchCriteriaId": "EDAADF21-6FBC-4AE4-88E6-912E2EF367E0"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.9.2:*:*:*:*:*:arm64:*",
            "vulnerable": true,
            "matchCriteriaId": "D4A5AB12-E57A-4D49-93EF-1BE2AC1A0FF6"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.9.3:*:*:*:*:*:arm64:*",
            "vulnerable": true,
            "matchCriteriaId": "BD62DFE5-690C-4972-AA2E-B01BB7A9E16D"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.9.4:*:*:*:*:*:arm64:*",
            "vulnerable": true,
            "matchCriteriaId": "EF771D87-8608-4243-872D-2C735625B097"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.9.5:*:*:*:*:*:arm64:*",
            "vulnerable": true,
            "matchCriteriaId": "F4442A5E-66A5-406F-AC9A-A37175D5A01B"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.9.6:*:*:*:*:*:arm64:*",
            "vulnerable": true,
            "matchCriteriaId": "667ED70A-AC2A-4060-86EF-71A71A85E514"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.9.7:*:*:*:*:*:arm64:*",
            "vulnerable": true,
            "matchCriteriaId": "A002A628-663C-4923-8E03-F6EAF4878449"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.9.8:*:*:*:*:*:arm64:*",
            "vulnerable": true,
            "matchCriteriaId": "880C2DC8-C9A7-4935-BCF1-0F0D62785067"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.9.9:*:*:*:*:*:arm64:*",
            "vulnerable": true,
            "matchCriteriaId": "F98FBE36-A39B-4C1F-BC51-A0BCC8690708"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.9.10:*:*:*:*:*:arm64:*",
            "vulnerable": true,
            "matchCriteriaId": "218E5271-9206-4D69-8C39-1CE4AB067FDD"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References