CVE-2012-2119

Published: Jan 22, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

Buffer overflow in the macvtap device driver in the Linux kernel before 3.4.5, when running in certain configurations, allows privileged KVM guest users to cause a denial of service (crash) via a long descriptor with a long vector length.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.5

x_refsource_CONFIRM

RHSA-2012:0743

vendor-advisory

x_refsource_REDHAT

https://github.com/torvalds/linux/commit/b92946e2919134ebe2a4083e4302236295ea2a73

x_refsource_CONFIRM

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b92946e2919134ebe2a4083e4302236295ea2a73

x_refsource_CONFIRM

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=814278

x_refsource_CONFIRM

[linux-netdev] 20120416 [PATCH 3/6] macvtap: zerocopy: validate vector length before pinning user pages

mailing-list

x_refsource_MLIST

USN-1529-1

vendor-advisory

x_refsource_UBUNTU

openSUSE-SU-2013:0925

vendor-advisory

x_refsource_SUSE

https://oss.oracle.com/git/?p=redpatch.git%3Ba=commit%3Bh=4aae94d1c7b32316911c86176c0ed4f8ed62da73

x_refsource_CONFIRM

[oss-security] 20120419 Re: CVE request -- kernel: macvtap: zerocopy: vector length is not validated before pinning user pages

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2012-2119

Description

Affected Products

References