Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2011-4347 | First vendor Publication | 2013-06-08 |
| Vendor | Cve | Last vendor Modification | 2013-06-10 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:H/Au:N/C:N/I:N/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 4 | Attack Range | Local |
| Cvss Impact Score | 6.9 | Attack Complexity | High |
| Cvss Expoit Score | 1.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| The kvm_vm_ioctl_assign_device function in virt/kvm/assigned-dev.c in the KVM subsystem in the Linux kernel before 3.1.10 does not verify permission to access PCI configuration space and BAR resources, which allows host OS users to assign PCI devices and cause a denial of service (host OS crash) via a KVM_ASSIGN_PCI_DEVICE operation. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4347 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-264 | Permissions, Privileges, and Access Controls |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:27813 | |||
| Oval ID: | oval:org.mitre.oval:def:27813 | ||
| Title: | ELSA-2012-0149 -- kvm security and bug fix update (moderate) | ||
| Description: | [kvm-83-249.0.1.el5] - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch - modify kversion to fix build failure [kvm-83-249.el5] - kvm-kernel-KVM-x86-Prevent-starting-PIT-timers-in-the-absence-o.patch [bz#770101] - CVE: CVE-2011-4622 - Resolves: bz#770101 (CVE-2011-4622 kernel: kvm: pit timer with no irqchip crashes the system [rhel-5.8]) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012-0149 CVE-2011-4347 | Version: | 3 |
| Platform(s): | Oracle Linux 5 | Product(s): | kvm |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2013-09-18 | Name : Debian Security Advisory DSA 2443-1 (linux-2.6 - privilege escalation/denial ... File : nvt/deb_2443_1.nasl |
| 2012-12-18 | Name : Fedora Update for kernel FEDORA-2012-20240 File : nvt/gb_fedora_2012_20240_kernel_fc16.nasl |
| 2012-11-29 | Name : Fedora Update for kernel FEDORA-2012-18691 File : nvt/gb_fedora_2012_18691_kernel_fc16.nasl |
| 2012-11-06 | Name : Fedora Update for kernel FEDORA-2012-17479 File : nvt/gb_fedora_2012_17479_kernel_fc16.nasl |
| 2012-09-04 | Name : Fedora Update for kernel FEDORA-2012-12684 File : nvt/gb_fedora_2012_12684_kernel_fc16.nasl |
| 2012-08-06 | Name : Fedora Update for kernel FEDORA-2012-11348 File : nvt/gb_fedora_2012_11348_kernel_fc16.nasl |
| 2012-07-30 | Name : CentOS Update for kernel CESA-2012:0350 centos6 File : nvt/gb_CESA-2012_0350_kernel_centos6.nasl |
| 2012-07-09 | Name : RedHat Update for kernel RHSA-2012:0350-01 File : nvt/gb_RHSA-2012_0350-01_kernel.nasl |
| 2012-06-25 | Name : Fedora Update for kernel FEDORA-2012-8931 File : nvt/gb_fedora_2012_8931_kernel_fc15.nasl |
| 2012-06-15 | Name : Fedora Update for kernel FEDORA-2012-8890 File : nvt/gb_fedora_2012_8890_kernel_fc16.nasl |
| 2012-05-17 | Name : Fedora Update for kernel FEDORA-2012-7594 File : nvt/gb_fedora_2012_7594_kernel_fc15.nasl |
| 2012-05-14 | Name : Fedora Update for kernel FEDORA-2012-7538 File : nvt/gb_fedora_2012_7538_kernel_fc16.nasl |
| 2012-05-11 | Name : Ubuntu Update for linux-lts-backport-natty USN-1440-1 File : nvt/gb_ubuntu_USN_1440_1.nasl |
| 2012-05-04 | Name : Ubuntu Update for linux-lts-backport-oneiric USN-1433-1 File : nvt/gb_ubuntu_USN_1433_1.nasl |
| 2012-05-04 | Name : Ubuntu Update for linux USN-1431-1 File : nvt/gb_ubuntu_USN_1431_1.nasl |
| 2012-04-26 | Name : Ubuntu Update for linux-ec2 USN-1426-1 File : nvt/gb_ubuntu_USN_1426_1.nasl |
| 2012-04-26 | Name : Ubuntu Update for linux USN-1425-1 File : nvt/gb_ubuntu_USN_1425_1.nasl |
| 2012-04-26 | Name : Fedora Update for kernel FEDORA-2012-6406 File : nvt/gb_fedora_2012_6406_kernel_fc15.nasl |
| 2012-04-13 | Name : Ubuntu Update for linux USN-1422-1 File : nvt/gb_ubuntu_USN_1422_1.nasl |
| 2012-04-13 | Name : Ubuntu Update for linux-lts-backport-maverick USN-1421-1 File : nvt/gb_ubuntu_USN_1421_1.nasl |
| 2012-04-02 | Name : Fedora Update for kernel FEDORA-2012-0363 File : nvt/gb_fedora_2012_0363_kernel_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for kernel FEDORA-2012-0876 File : nvt/gb_fedora_2012_0876_kernel_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for kernel FEDORA-2012-0480 File : nvt/gb_fedora_2012_0480_kernel_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for kernel FEDORA-2012-3712 File : nvt/gb_fedora_2012_3712_kernel_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for kernel FEDORA-2012-3030 File : nvt/gb_fedora_2012_3030_kernel_fc16.nasl |
| 2012-03-29 | Name : Fedora Update for kernel FEDORA-2012-3715 File : nvt/gb_fedora_2012_3715_kernel_fc15.nasl |
| 2012-03-29 | Name : Ubuntu Update for linux-lts-backport-oneiric USN-1409-1 File : nvt/gb_ubuntu_USN_1409_1.nasl |
| 2012-03-29 | Name : Ubuntu Update for linux USN-1407-1 File : nvt/gb_ubuntu_USN_1407_1.nasl |
| 2012-03-29 | Name : Ubuntu Update for linux USN-1406-1 File : nvt/gb_ubuntu_USN_1406_1.nasl |
| 2012-03-29 | Name : Ubuntu Update for linux USN-1405-1 File : nvt/gb_ubuntu_USN_1405_1.nasl |
| 2012-03-22 | Name : Fedora Update for kernel FEDORA-2012-4410 File : nvt/gb_fedora_2012_4410_kernel_fc16.nasl |
| 2012-03-19 | Name : Fedora Update for kernel FEDORA-2012-3350 File : nvt/gb_fedora_2012_3350_kernel_fc16.nasl |
| 2012-03-19 | Name : Fedora Update for kernel FEDORA-2012-1497 File : nvt/gb_fedora_2012_1497_kernel_fc16.nasl |
| 2012-03-16 | Name : Fedora Update for kernel FEDORA-2012-3356 File : nvt/gb_fedora_2012_3356_kernel_fc15.nasl |
| 2012-03-07 | Name : Ubuntu Update for linux USN-1389-1 File : nvt/gb_ubuntu_USN_1389_1.nasl |
| 2012-03-07 | Name : Fedora Update for kernel FEDORA-2012-2753 File : nvt/gb_fedora_2012_2753_kernel_fc15.nasl |
| 2012-02-13 | Name : Fedora Update for kernel FEDORA-2012-1503 File : nvt/gb_fedora_2012_1503_kernel_fc15.nasl |
| 2012-01-25 | Name : Fedora Update for kernel FEDORA-2012-0861 File : nvt/gb_fedora_2012_0861_kernel_fc15.nasl |
| 2012-01-16 | Name : Fedora Update for kernel FEDORA-2012-0492 File : nvt/gb_fedora_2012_0492_kernel_fc15.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 77626 | Linux Kernel kvm_vm_ioctl_assign_device Function /dev/kym Local DoS |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2014-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0422.nasl - Type : ACT_GATHER_INFO |
| 2014-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0168.nasl - Type : ACT_GATHER_INFO |
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-55.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0149.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0350.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-2003.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0149.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1042.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120221_kvm_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120306_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-05-08 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1440-1.nasl - Type : ACT_GATHER_INFO |
| 2012-05-01 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1433-1.nasl - Type : ACT_GATHER_INFO |
| 2012-05-01 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1431-1.nasl - Type : ACT_GATHER_INFO |
| 2012-04-25 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1425-1.nasl - Type : ACT_GATHER_INFO |
| 2012-04-25 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1426-1.nasl - Type : ACT_GATHER_INFO |
| 2012-04-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1421-1.nasl - Type : ACT_GATHER_INFO |
| 2012-04-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1422-1.nasl - Type : ACT_GATHER_INFO |
| 2012-03-27 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2443.nasl - Type : ACT_GATHER_INFO |
| 2012-03-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1405-1.nasl - Type : ACT_GATHER_INFO |
| 2012-03-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1406-1.nasl - Type : ACT_GATHER_INFO |
| 2012-03-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1407-1.nasl - Type : ACT_GATHER_INFO |
| 2012-03-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1409-1.nasl - Type : ACT_GATHER_INFO |
| 2012-03-08 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0350.nasl - Type : ACT_GATHER_INFO |
| 2012-03-07 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1389-1.nasl - Type : ACT_GATHER_INFO |
| 2012-03-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0350.nasl - Type : ACT_GATHER_INFO |
| 2012-01-16 | Name : The remote Fedora host is missing a security update. File : fedora_2012-0492.nasl - Type : ACT_GATHER_INFO |
| 2012-01-16 | Name : The remote Fedora host is missing a security update. File : fedora_2012-0363.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-02-02 01:17:37 |
|
| 2024-02-01 12:05:13 |
|
| 2023-09-05 12:16:32 |
|
| 2023-09-05 01:05:05 |
|
| 2023-09-02 12:16:38 |
|
| 2023-09-02 01:05:11 |
|
| 2023-08-12 12:20:13 |
|
| 2023-08-12 01:05:11 |
|
| 2023-08-11 12:16:43 |
|
| 2023-08-11 01:05:21 |
|
| 2023-08-06 12:16:04 |
|
| 2023-08-06 01:05:12 |
|
| 2023-08-04 12:16:08 |
|
| 2023-08-04 01:05:12 |
|
| 2023-07-14 12:16:08 |
|
| 2023-07-14 01:05:09 |
|
| 2023-03-29 01:18:01 |
|
| 2023-03-28 12:05:17 |
|
| 2022-10-11 12:14:24 |
|
| 2022-10-11 01:04:54 |
|
| 2022-03-11 01:11:50 |
|
| 2021-05-25 12:09:06 |
|
| 2021-05-04 12:17:51 |
|
| 2021-04-22 01:21:09 |
|
| 2020-08-11 12:06:59 |
|
| 2020-08-08 01:07:01 |
|
| 2020-08-07 12:07:08 |
|
| 2020-08-07 01:07:17 |
|
| 2020-08-01 12:07:03 |
|
| 2020-07-30 01:07:24 |
|
| 2020-05-23 01:47:31 |
|
| 2020-05-23 00:32:12 |
|
| 2019-01-25 12:04:25 |
|
| 2018-11-17 12:02:57 |
|
| 2018-10-30 12:04:45 |
|
| 2016-07-01 11:08:00 |
|
| 2016-06-29 00:23:37 |
|
| 2016-06-28 18:54:11 |
|
| 2016-04-26 21:14:02 |
|
| 2014-11-18 13:25:56 |
|
| 2014-02-17 11:06:13 |
|
| 2013-09-20 17:21:10 |
|
| 2013-06-10 21:19:13 |
|
| 2013-06-08 17:20:05 |
|
