[kernel-sec-discuss] r2882 - active

Moritz Muehlenhoff jmm at alioth.debian.org
Thu Mar 21 16:05:27 UTC 2013


Author: jmm
Date: 2013-03-21 16:05:06 +0000 (Thu, 21 Mar 2013)
New Revision: 2882

Added:
   active/CVE-2013-1796
   active/CVE-2013-1797
   active/CVE-2013-1798
Log:
new KVM issues


Added: active/CVE-2013-1796
===================================================================
--- active/CVE-2013-1796	                        (rev 0)
+++ active/CVE-2013-1796	2013-03-21 16:05:06 UTC (rev 2882)
@@ -0,0 +1,9 @@
+Description: buffer overflow in handling of MSR_KVM_SYSTEM_TIME
+References:
+Notes:
+Bugs:
+upstream: released (3.9-rc3) [c300aa64ddf57d9c5d9c898a64b36877345dd4a9]
+2.6.32-upstream-stable:
+sid:
+2.6.32-squeeze-security:
+3.2-upstream-stable:

Added: active/CVE-2013-1797
===================================================================
--- active/CVE-2013-1797	                        (rev 0)
+++ active/CVE-2013-1797	2013-03-21 16:05:06 UTC (rev 2882)
@@ -0,0 +1,9 @@
+Description: use-after-free in MSR_KVM_SYSTEM_TIME
+References:
+Notes:
+Bugs:
+upstream: released (3.9-rc3) [0b79459b482e85cb7426aa7da683a9f2c97aeae1]
+2.6.32-upstream-stable:
+sid:
+2.6.32-squeeze-security:
+3.2-upstream-stable:

Added: active/CVE-2013-1798
===================================================================
--- active/CVE-2013-1798	                        (rev 0)
+++ active/CVE-2013-1798	2013-03-21 16:05:06 UTC (rev 2882)
@@ -0,0 +1,9 @@
+Description: insufficient bounds checking in ioapic indirect register reads
+References:
+Notes:
+Bugs:
+upstream: released (3.9-rc3) [a2c118bfab8bc6b8bb213abfc35201e441693d55]
+2.6.32-upstream-stable:
+sid:
+2.6.32-squeeze-security:
+3.2-upstream-stable:




More information about the kernel-sec-discuss mailing list