CVE-2013-1796
kernel: kvm: buffer overflow in handling of MSR_KVM_SYSTEM_TIME
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The kvm_set_msr_common function in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 does not ensure a required time_page alignment during an MSR_KVM_SYSTEM_TIME operation, which allows guest OS users to cause a denial of service (buffer overflow and host OS memory corruption) or possibly have unspecified other impact via a crafted application.
La función kvm_set_msr_common en arch/x86/kvm/x86.c en el kernel de Linux hasta v3.8.4 no asegura una alineación time_page requerido durante una operación MSR_KVM_SYSTEM_TIME, que permite a usuarios de sistemas operativos invitados para causar una denegación de servicios (desbordamiento de memoria y corrupción de memoria en el sistema operativo anfitrión) o posiblemente tener un impacto no especificado a través de una aplicación diseñada.
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the Intel i915 driver in the Linux kernel handled the allocation of the buffer used for relocation copies. A local user with console access could use this flaw to cause a denial of service or escalate their privileges. A buffer overflow flaw was found in the way UTF-8 characters were converted to UTF-16 in the utf8s_to_utf16s() function of the Linux kernel's FAT file system implementation. A local user able to mount a FAT file system with the "utf8=1" option could use this flaw to crash the system or, potentially, to escalate their privileges.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2013-02-19 CVE Reserved
- 2013-03-22 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-18 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (20)
| URL | Tag | Source |
|---|---|---|
| http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c300aa64ddf57d9c5d9c898a64b36877345dd4a9 | X_refsource_confirm | |
| http://www.openwall.com/lists/oss-security/2013/03/20/9 | Mailing List |
|
| http://www.securityfocus.com/bid/58607 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://github.com/torvalds/linux/commit/c300aa64ddf57d9c5d9c898a64b36877345dd4a9 | 2023-02-13 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | <= 3.8.4 Search vendor "Linux" for product "Linux Kernel" and version " <= 3.8.4" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 3.8.0 Search vendor "Linux" for product "Linux Kernel" and version "3.8.0" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 3.8.1 Search vendor "Linux" for product "Linux Kernel" and version "3.8.1" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 3.8.2 Search vendor "Linux" for product "Linux Kernel" and version "3.8.2" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 3.8.3 Search vendor "Linux" for product "Linux Kernel" and version "3.8.3" | - |
Affected
| ||||||