CVE-2013-0311

Published: Feb 22, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

The translate_desc function in drivers/vhost/vhost.c in the Linux kernel before 3.7 does not properly handle cross-region descriptors, which allows guest OS users to obtain host OS privileges by leveraging KVM guest OS privileges.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

RHSA-2013:0496

vendor-advisory

x_refsource_REDHAT

openSUSE-SU-2013:1187

vendor-advisory

x_refsource_SUSE

https://github.com/torvalds/linux/commit/bd97120fc3d1a11f3124c7c9ba1d91f51829eb85

x_refsource_CONFIRM

RHSA-2013:0882

vendor-advisory

x_refsource_REDHAT

MDVSA-2013:176

vendor-advisory

x_refsource_MANDRIVA

RHSA-2013:0928

vendor-advisory

x_refsource_REDHAT

[oss-security] 20130219 Re: CVE request -- Linux kernel: vhost: fix length for cross region descriptor

mailing-list

x_refsource_MLIST

RHSA-2013:0579

vendor-advisory

x_refsource_REDHAT

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bd97120fc3d1a11f3124c7c9ba1d91f51829eb85

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=912905

x_refsource_CONFIRM

http://www.kernel.org/pub/linux/kernel/v3.x/patch-3.7.bz2

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2013-0311

Description

Affected Products

References