** Description changed: - A buffer overflow flaw was found in the setup_routing_entry() function - in the KVM subsystem of the Linux kernel in the way the Message Signaled - Interrupts (MSI) routing entry was handled. A local, unprivileged user - could use this flaw to cause a denial of service or, possibly, escalate - their privileges. + Buffer overflow in virt/kvm/irq_comm.c in the KVM subsystem in the Linux + kernel before 3.2.24 allows local users to cause a denial of service + (crash) and possibly execute arbitrary code via vectors related to + Message Signaled Interrupts (MSI), irq routing entries, and an incorrect + check by the setup_routing_entry function before invoking the + kvm_set_irq function. Break-Fix: 46e624b95c36d729bdf24010fff11d16f6fe94fa f2ebd422f71cda9c791f76f85d2ca102ae34a1ed
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1016298 Title: CVE-2012-2137 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1016298/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
