CVE-2012-1179
Advisory lineage Upstream: 0 Downstream: 3
Modified
Published: 17 May 2012, 10:00
Last modified:06 Aug 2024, 18:53
Vulnerability Summary
Overall Risk (default)
low
21/100 CVSS Score
5.2 MEDIUM
v2.0 (nvd)
EPSS Score
0.36% LOW
0% probability 0.00%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
17 May 2012, 10:00
Published
Vulnerability first disclosed
06 Aug 2024, 18:53
Last Modified
Vulnerability information updated
Description
The Linux kernel before 3.3.1, when KVM is used, allows guest OS users to cause a denial of service (host OS crash) by leveraging administrative access to the guest OS, related to the pmd_none_or_clear_bad function and page faults for huge pages.
CVSS Metrics
- v2.0•MEDIUM•Score: 5.2AV:A/AC:M/Au:S/C:N/I:N/A:C
EPSS Trends
Current EPSS score: 0.36%• Percentile: 58%
Techniques & Countermeasures
- CWE-264•Permissions, Privileges, and Access Controls
Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.
Affected Systems
- linux•linux_kernel
≤ 3.3
References (11)
- http://rhn.redhat.com/errata/RHSA-2012-0743.html
- http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html
- http://www.securitytracker.com/id?1027084
- http://secunia.com/advisories/48898
- http://www.openwall.com/lists/oss-security/2012/03/15/7
- https://github.com/torvalds/linux/commit/4a1d704194a441bf83c636004a479e01360ec850
- https://bugzilla.redhat.com/show_bug.cgi?id=803793
- http://secunia.com/advisories/48404
- http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075781.html
- http://marc.info/?l=bugtraq&m=139447903326211&w=2
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.1