4.9 - CVE-2011-4622

Executive Summary

Informations
Name	CVE-2011-4622	First vendor Publication	2012-01-27
Vendor	Cve	Last vendor Modification	2017-12-29

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score	4.9	Attack Range	Local
Cvss Impact Score	6.9	Attack Complexity	Low
Cvss Expoit Score	3.9	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

The create_pit_timer function in arch/x86/kvm/i8254.c in KVM 83, and possibly other versions, does not properly handle when Programmable Interval Timer (PIT) interrupt requests (IRQs) when a virtual interrupt controller (irqchip) is not available, which allows local users to cause a denial of service (NULL pointer dereference) by starting a timer.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4622

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:27856

Oval ID:	oval:org.mitre.oval:def:27856
Title:	DEPRECATED: ELSA-2012-0350 -- kernel security and bug fix update (moderate)
Description:	[2.6.32-220.7.1.el6] - [netdrv] tg3: Fix single-vector MSI-X code (John Feeney) [787162 703555] - [mm] export remove_from_page_cache() to modules (Jerome Marchand) [772687 751419] - [block] cfq-iosched: fix cfq_cic_link() race confition (Vivek Goyal) [786022 765673] - [fs] cifs: lower default wsize when unix extensions are not used (Jeff Layton) [789058 773705] - [net] svcrpc: fix double-free on shutdown of nfsd after changing pool mode (J. Bruce Fields) [787580 753030] - [net] svcrpc: avoid memory-corruption on pool shutdown (J. Bruce Fields) [787580 753030] - [net] svcrpc: destroy server sockets all at once (J. Bruce Fields) [787580 753030] - [net] svcrpc: simplify svc_close_all (J. Bruce Fields) [787580 753030] - [net] svcrpc: fix list-corrupting race on nfsd shutdown (J. Bruce Fields) [787580 753030] - [fs] xfs: Fix missing xfs_iunlock() on error recovery path in xfs_readlink() (Carlos Maiolino) [749161 694702] {CVE-2011-4077} - [fs] xfs: Fix memory corruption in xfs_readlink (Carlos Maiolino) [749161 694702] {CVE-2011-4077} - [x86] hpet: Disable per-cpu hpet timer if ARAT is supported (Prarit Bhargava) [772884 750201] - [x86] Improve TSC calibration using a delayed workqueue (Prarit Bhargava) [772884 750201] - [kernel] clocksource: Add clocksource_register_hz/khz interface (Prarit Bhargava) [772884 750201] - [kernel] clocksource: Provide a generic mult/shift factor calculation (Prarit Bhargava) [772884 750201] - [block] cfq-iosched: fix a kbuild regression (Vivek Goyal) [769208 705698] - [block] cfq-iosched: rethink seeky detection for SSDs (Vivek Goyal) [769208 705698] - [block] cfq-iosched: rework seeky detection (Vivek Goyal) [769208 705698] - [block] cfq-iosched: don't regard requests with long distance as close (Vivek Goyal) [769208 705698]
Family:	unix	Class:	patch
Reference(s):	ELSA-2012-0350 CVE-2011-4081 CVE-2011-4347 CVE-2011-4594 CVE-2011-4611 CVE-2012-0038 CVE-2012-0045 CVE-2012-0207 CVE-2011-4077 CVE-2011-4132 CVE-2011-4622	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	kernel
Definition Synopsis:
Oracle Linux 6.x Packages match section kernel is earlier than 0:2.6.32-220.7.1.el6 AND kernel-debug is earlier than 0:2.6.32-220.7.1.el6 AND kernel-debug-devel is earlier than 0:2.6.32-220.7.1.el6 AND kernel-devel is earlier than 0:2.6.32-220.7.1.el6 AND kernel-doc is earlier than 0:2.6.32-220.7.1.el6 AND kernel-firmware is earlier than 0:2.6.32-220.7.1.el6 AND kernel-headers is earlier than 0:2.6.32-220.7.1.el6 AND perf is earlier than 0:2.6.32-220.7.1.el6 AND python-perf is earlier than 0:2.6.32-220.7.1.el6

Definition Id: oval:org.mitre.oval:def:27879

Oval ID:	oval:org.mitre.oval:def:27879
Title:	DEPRECATED: ELSA-2012-0051 -- kvm security update (important)
Description:	[kvm-83-239.0.1.el5_7.1] - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch [kvm-83-239.el5_7.1] - kvm-e1000-prevent-buffer-overflow-when-processing-legacy.patch [bz#772079] - Resolves: bz#772079 (EMBARGOED CVE-2012-0029 qemu-kvm: e1000: process_tx_desc legacy mode packets heap overflow [rhel-5.7.z]) - kvm-Fix-external-module-compat.c-not-to-use-unsupported-.patch [bz#753860] (build fix) - kvm-kernel-KVM-x86-Prevent-starting-PIT-timers-in-the-absence-o.patch [bz#770100] - Resolves: bz#770100 (CVE-2011-4622 kernel: kvm: pit timer with no irqchip crashes the system [rhel-5.7.z]) [kvm-83-239.el5_7.1] - Updated kversion to 2.6.18-274.17.1.el5 to match build root
Family:	unix	Class:	patch
Reference(s):	ELSA-2012-0051 CVE-2012-0029 CVE-2011-4622	Version:	4
Platform(s):	Oracle Linux 5	Product(s):	kvm
Definition Synopsis:
Oracle Linux 5.x Packages match section kvm is earlier than 0:83-239.0.1.el5_7.1 AND kmod-kvm is earlier than 0:83-239.0.1.el5_7.1 AND kmod-kvm-debug is earlier than 0:83-239.0.1.el5_7.1 AND kvm-qemu-img is earlier than 0:83-239.0.1.el5_7.1 AND kvm-tools is earlier than 0:83-239.0.1.el5_7.1

Definition Id: oval:org.mitre.oval:def:27914

Oval ID:	oval:org.mitre.oval:def:27914
Title:	ELSA-2012-2003 -- Unbreakable Enterprise kernel security and bug fix update (important)
Description:	[2.6.32-300.11.1.el6uek] - [fs] xfs: Fix possible memory corruption in xfs_readlink (Carlos Maiolino) {CVE-2011-4077} - [scsi] increase qla2xxx firmware ready time-out (Joe Jin) - [scsi] qla2xxx: Module parameter to control use of async or sync port login (Joe Jin) - [net] tg3: Fix single-vector MSI-X code (Joe Jin) - [net] qlge: fix size of external list for TX address descriptors (Joe Jin) - [net] e1000e: Avoid wrong check on TX hang (Joe Jin) - crypto: ghash - Avoid null pointer dereference if no key is set (Nick Bowler) {CVE-2011-4081} - jbd/jbd2: validate sb->s_first in journal_get_superblock() (Eryu Guan) {CVE-2011-4132} - KVM: Device assignment permission checks (Joe Jin) {CVE-2011-4347} - KVM: x86: Prevent starting PIT timers in the absence of irqchip support (Jan Kiszka) {CVE-2011-4622} - xfs: validate acl count (Joe Jin) {CVE-2012-0038} - KVM: x86: fix missing checks in syscall emulation (Joe Jin) {CVE-2012-0045} - KVM: x86: extend 'struct x86_emulate_ops' with 'get_cpuid' (Joe Jin) {CVE-2012-0045} - igmp: Avoid zero delay when receiving odd mixture of IGMP queries (Ben Hutchings) {CVE-2012-0207} - ipv4: correct IGMP behavior on v3 query during v2-compatibility mode (David Stevens) - fuse: fix fuse request unique id (Srinivas Eeda) [orabug 13816349]
Family:	unix	Class:	patch
Reference(s):	ELSA-2012-2003 CVE-2011-4081 CVE-2011-4347 CVE-2012-0038 CVE-2012-0045 CVE-2012-0207 CVE-2011-4077 CVE-2011-4132 CVE-2011-4622	Version:	5
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	kernel-uek mlnx_en ofa kernel-uek-debug kernel-uek-debug-devel kernel-uek-devel kernel-uek-doc kernel-uek-firmware kernel-uek-headers
Definition Synopsis:
Oracle Linux 5 release section Oracle Linux 5.x Packages match section kernel-uek is earlier than 0:2.6.32-300.11.1.el5uek AND mlnx_en-2.6.32-300.11.1.el5uek is earlier than 0:1.5.7-2 AND ofa-2.6.32-300.11.1.el5uek is earlier than 0:1.5.1-4.0.53 AND kernel-uek-debug is earlier than 0:2.6.32-300.11.1.el5uek AND kernel-uek-debug-devel is earlier than 0:2.6.32-300.11.1.el5uek AND kernel-uek-devel is earlier than 0:2.6.32-300.11.1.el5uek AND kernel-uek-doc is earlier than 0:2.6.32-300.11.1.el5uek AND kernel-uek-firmware is earlier than 0:2.6.32-300.11.1.el5uek AND kernel-uek-headers is earlier than 0:2.6.32-300.11.1.el5uek AND mlnx_en-2.6.32-300.11.1.el5uekdebug is earlier than 0:1.5.7-2 AND ofa-2.6.32-300.11.1.el5uekdebug is earlier than 0:1.5.1-4.0.53 AND Oracle Linux 6 release section Oracle Linux 6.x Packages match section kernel-uek is earlier than 0:2.6.32-300.11.1.el6uek AND mlnx_en-2.6.32-300.11.1.el6uek is earlier than 0:1.5.7-0.1 AND ofa-2.6.32-300.11.1.el6uek is earlier than 0:1.5.1-4.0.47 AND kernel-uek-debug is earlier than 0:2.6.32-300.11.1.el6uek AND kernel-uek-debug-devel is earlier than 0:2.6.32-300.11.1.el6uek AND kernel-uek-devel is earlier than 0:2.6.32-300.11.1.el6uek AND kernel-uek-doc is earlier than 0:2.6.32-300.11.1.el6uek AND kernel-uek-firmware is earlier than 0:2.6.32-300.11.1.el6uek AND kernel-uek-headers is earlier than 0:2.6.32-300.11.1.el6uek AND mlnx_en-2.6.32-300.11.1.el6uekdebug is earlier than 0:1.5.7-0.1 AND ofa-2.6.32-300.11.1.el6uekdebug is earlier than 0:1.5.1-4.0.47

CPE : Common Platform Enumeration

Type	Description	Count
Application	Redhat Kvm cpe:2.3:a:redhat:kvm:83:::::::*	1

OpenVAS Exploits

Date	Description
2013-09-18	Name : Debian Security Advisory DSA 2389-1 (linux-2.6 - privilege escalation/denial ... File : nvt/deb_2389_1.nasl
2012-12-18	Name : Fedora Update for kernel FEDORA-2012-20240 File : nvt/gb_fedora_2012_20240_kernel_fc16.nasl
2012-11-29	Name : Fedora Update for kernel FEDORA-2012-18691 File : nvt/gb_fedora_2012_18691_kernel_fc16.nasl
2012-11-06	Name : Fedora Update for kernel FEDORA-2012-17479 File : nvt/gb_fedora_2012_17479_kernel_fc16.nasl
2012-09-04	Name : Fedora Update for kernel FEDORA-2012-12684 File : nvt/gb_fedora_2012_12684_kernel_fc16.nasl
2012-08-06	Name : Fedora Update for kernel FEDORA-2012-11348 File : nvt/gb_fedora_2012_11348_kernel_fc16.nasl
2012-07-30	Name : CentOS Update for kernel CESA-2012:0350 centos6 File : nvt/gb_CESA-2012_0350_kernel_centos6.nasl
2012-07-30	Name : CentOS Update for kmod-kvm CESA-2012:0051 centos5 File : nvt/gb_CESA-2012_0051_kmod-kvm_centos5.nasl
2012-07-09	Name : RedHat Update for kernel RHSA-2012:0350-01 File : nvt/gb_RHSA-2012_0350-01_kernel.nasl
2012-06-25	Name : Fedora Update for kernel FEDORA-2012-8931 File : nvt/gb_fedora_2012_8931_kernel_fc15.nasl
2012-06-15	Name : Fedora Update for kernel FEDORA-2012-8890 File : nvt/gb_fedora_2012_8890_kernel_fc16.nasl
2012-05-17	Name : Fedora Update for kernel FEDORA-2012-7594 File : nvt/gb_fedora_2012_7594_kernel_fc15.nasl
2012-05-14	Name : Fedora Update for kernel FEDORA-2012-7538 File : nvt/gb_fedora_2012_7538_kernel_fc16.nasl
2012-04-26	Name : Fedora Update for kernel FEDORA-2012-6406 File : nvt/gb_fedora_2012_6406_kernel_fc15.nasl
2012-04-02	Name : Fedora Update for kernel FEDORA-2012-0876 File : nvt/gb_fedora_2012_0876_kernel_fc16.nasl
2012-04-02	Name : Fedora Update for kernel FEDORA-2012-3712 File : nvt/gb_fedora_2012_3712_kernel_fc16.nasl
2012-04-02	Name : Fedora Update for kernel FEDORA-2012-3030 File : nvt/gb_fedora_2012_3030_kernel_fc16.nasl
2012-04-02	Name : Fedora Update for kernel FEDORA-2012-0480 File : nvt/gb_fedora_2012_0480_kernel_fc16.nasl
2012-04-02	Name : Fedora Update for kernel FEDORA-2012-0145 File : nvt/gb_fedora_2012_0145_kernel_fc16.nasl
2012-04-02	Name : Fedora Update for kernel FEDORA-2012-0363 File : nvt/gb_fedora_2012_0363_kernel_fc16.nasl
2012-03-29	Name : Fedora Update for kernel FEDORA-2012-3715 File : nvt/gb_fedora_2012_3715_kernel_fc15.nasl
2012-03-22	Name : Fedora Update for kernel FEDORA-2012-4410 File : nvt/gb_fedora_2012_4410_kernel_fc16.nasl
2012-03-19	Name : Fedora Update for kernel FEDORA-2012-3350 File : nvt/gb_fedora_2012_3350_kernel_fc16.nasl
2012-03-19	Name : Fedora Update for kernel FEDORA-2012-1497 File : nvt/gb_fedora_2012_1497_kernel_fc16.nasl
2012-03-16	Name : Fedora Update for kernel FEDORA-2012-3356 File : nvt/gb_fedora_2012_3356_kernel_fc15.nasl
2012-03-16	Name : Ubuntu Update for linux USN-1363-1 File : nvt/gb_ubuntu_USN_1363_1.nasl
2012-03-07	Name : Fedora Update for kernel FEDORA-2012-2753 File : nvt/gb_fedora_2012_2753_kernel_fc15.nasl
2012-03-07	Name : Ubuntu Update for linux-lts-backport-oneiric USN-1384-1 File : nvt/gb_ubuntu_USN_1384_1.nasl
2012-03-07	Name : Ubuntu Update for linux-lts-backport-natty USN-1386-1 File : nvt/gb_ubuntu_USN_1386_1.nasl
2012-03-07	Name : Ubuntu Update for linux-lts-backport-maverick USN-1387-1 File : nvt/gb_ubuntu_USN_1387_1.nasl
2012-03-07	Name : Ubuntu Update for linux-ec2 USN-1388-1 File : nvt/gb_ubuntu_USN_1388_1.nasl
2012-03-07	Name : Ubuntu Update for linux USN-1389-1 File : nvt/gb_ubuntu_USN_1389_1.nasl
2012-02-21	Name : Ubuntu Update for linux USN-1361-1 File : nvt/gb_ubuntu_USN_1361_1.nasl
2012-02-21	Name : Ubuntu Update for linux USN-1362-1 File : nvt/gb_ubuntu_USN_1362_1.nasl
2012-02-13	Name : Fedora Update for kernel FEDORA-2012-1503 File : nvt/gb_fedora_2012_1503_kernel_fc15.nasl
2012-01-25	Name : Fedora Update for kernel FEDORA-2012-0861 File : nvt/gb_fedora_2012_0861_kernel_fc15.nasl
2012-01-16	Name : Fedora Update for kernel FEDORA-2012-0492 File : nvt/gb_fedora_2012_0492_kernel_fc15.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
77985	Linux Kernel arch/x86/kvm/i8254.c create_pit_timer() Function PIT Configuring...

Information Assurance Vulnerability Management (IAVM)

Date	Description
2011-02-17	IAVM : 2011-B-0021 - Multiple Vulnerabilities in IBM Tivoli Access Manager Severity : Category I - VMSKEY : V0026077

Nessus® Vulnerability Scanner

Date	Description
2014-11-17	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0422.nasl - Type : ACT_GATHER_INFO
2013-09-04	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-55.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0051.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0350.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-2003.nasl - Type : ACT_GATHER_INFO
2013-01-25	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-120428.nasl - Type : ACT_GATHER_INFO
2013-01-24	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0051.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120123_kvm_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120306_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-03-08	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0350.nasl - Type : ACT_GATHER_INFO
2012-03-07	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0350.nasl - Type : ACT_GATHER_INFO
2012-03-07	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1384-1.nasl - Type : ACT_GATHER_INFO
2012-03-07	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1386-1.nasl - Type : ACT_GATHER_INFO
2012-03-07	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1387-1.nasl - Type : ACT_GATHER_INFO
2012-03-07	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1388-1.nasl - Type : ACT_GATHER_INFO
2012-03-07	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1389-1.nasl - Type : ACT_GATHER_INFO
2012-02-14	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1361-1.nasl - Type : ACT_GATHER_INFO
2012-02-14	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1362-1.nasl - Type : ACT_GATHER_INFO
2012-02-14	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1363-1.nasl - Type : ACT_GATHER_INFO
2012-01-25	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0051.nasl - Type : ACT_GATHER_INFO
2012-01-18	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2389.nasl - Type : ACT_GATHER_INFO
2012-01-16	Name : The remote Fedora host is missing a security update. File : fedora_2012-0492.nasl - Type : ACT_GATHER_INFO
2012-01-09	Name : The remote Fedora host is missing a security update. File : fedora_2012-0145.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source	Url
BID	http://www.securityfocus.com/bid/51172
CONFIRM	https://bugzilla.redhat.com/show_bug.cgi?id=769721
MLIST	http://permalink.gmane.org/gmane.comp.emulators.kvm.devel/83564 http://www.openwall.com/lists/oss-security/2011/12/21/7
REDHAT	http://www.redhat.com/support/errata/RHSA-2012-0051.html
SECTRACK	http://www.securitytracker.com/id?1026559
SUSE	http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html

Alert History

If you want to see full details history, please login or register.

Date	Informations
2021-05-04 12:17:56	Multiple Updates
2021-04-22 01:21:14	Multiple Updates
2020-05-23 00:32:17	Multiple Updates
2017-12-29 09:21:57	Multiple Updates
2016-07-28 01:01:59	Multiple Updates
2014-11-18 13:25:58	Multiple Updates
2014-02-17 11:06:28	Multiple Updates
2013-11-11 12:39:39	Multiple Updates
2013-09-20 17:21:10	Multiple Updates
2013-06-21 13:19:10	Multiple Updates
2013-05-10 23:11:12	Multiple Updates

Global Informations

Type	Count
Oval ID(s)	3
CPE ID(s)	1
Sources(s)	8
osvdb(s)	1
Openvas Exploit(s)	37
IAVM(s)	1
Nessus® Exploit(s)	23

	Related
7.8	USN-1386-1
7.8	USN-1384-1
7.8	USN-1363-1
7.8	RHSA-2012:0350
7.4	RHSA-2012:0051
7.2	USN-1387-1
7.2	USN-1362-1
7.2	USN-1361-1
6.9	DSA-2389
4.9	USN-1389-1
4.9	USN-1388-1
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 11 more Alert(s)

4.9 - CVE-2011-4622

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

OVAL Definitions

CPE : Common Platform Enumeration

OpenVAS Exploits

Open Source Vulnerability Database (OSVDB)

Information Assurance Vulnerability Management (IAVM)

Nessus® Vulnerability Scanner

Sources (Detail)

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU