CVE-2012-0045
Published 2012-07-03
Priority: P4 · 19 · medium · 4.7 (CVSS 2.0) · AV:L/AC:M/Au:N/C:N/I:N/A:C
EXPLOIT
EPSS: 1.01% (58.9th percentile)
The em_syscall function in arch/x86/kvm/emulate.c in the KVM implementation in the Linux kernel before 3.2.14 does not properly handle the 0f05 (aka syscall) opcode, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application, as demonstrated by an NASM file.
Affected
62 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| linux | linux_kernel | <= 3.2.13 | — |
CVSS provenance
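| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 4.7 | MEDIUM | AV:L/AC:M/Au:N/C:N/I:N/A:C |
| osv | — | 4.7 | MEDIUM | — |
| vendor_ubuntu | — | 4.9 | MEDIUM | — |
| vendor_redhat | — | 4.7 | MEDIUM | — |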
Ubuntu
Linux kernel (Natty backport) vulnerabilities
vendor_ubuntu·2012-05-08·CVSS 4.9
CVE-2011-4086 [MEDIUM] Linux kernel (Natty backport) vulnerabilities
Title: Linux kernel (Natty backport) vulnerabilities
Summary: Several security issues were fixed in the kernel.
A flaw was found in the Linux kernel's ext4 file system when mounted with
a journal. A local, unprivileged user could exploit this flaw to cause a
denial of service. (CVE-2011-4086)
Sasha Levin discovered a flaw in the permission checking for device
assignments requested via the kvm ioctl in the Linux kernel. A local user
could use this flaw to crash the system causing a denial of service.
(CVE-2011-4347)
Stephan Bärwolf discovered a flaw in the KVM (kernel-based virtual
machine) subsystem of the Linux kernel. A local unprivileged user can use
this flaw to crash VMs, causing a denial of service. (CVE-2012-0045)
A flaw was discovered in the Linux kernel's cifs file system
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2012-05-01·CVSS 4.9
CVE-2012-4398 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the kernel.
A flaw was found in the Linux kernel's ext4 file system when mounted with
a journal. A local, unprivileged user could exploit this flaw to cause a
denial of service. (CVE-2011-4086)
Sasha Levin discovered a flaw in the permission checking for device
assignments requested via the kvm ioctl in the Linux kernel. A local user
could use this flaw to crash the system causing a denial of service.
(CVE-2011-4347)
Stephan Bärwolf discovered a flaw in the KVM (kernel-based virtual
machine) subsystem of the Linux kernel. A local unprivileged user can use
this flaw to crash VMs, causing a denial of service. (CVE-2012-0045)
A flaw was discovered in the Linux kernel's cifs file system. An
unprivileged
Ubuntu
Linux kernel (Oneiric backport) vulnerabilities
vendor_ubuntu·2012-05-01·CVSS 4.9
CVE-2011-4086 [MEDIUM] Linux kernel (Oneiric backport) vulnerabilities
Title: Linux kernel (Oneiric backport) vulnerabilities
Summary: Several security issues were fixed in the kernel.
A flaw was found in the Linux kernel's ext4 file system when mounted with
a journal. A local, unprivileged user could exploit this flaw to cause a
denial of service. (CVE-2011-4086)
Sasha Levin discovered a flaw in the permission checking for device
assignments requested via the kvm ioctl in the Linux kernel. A local user
could use this flaw to crash the system causing a denial of service.
(CVE-2011-4347)
Stephan Bärwolf discovered a flaw in the KVM (kernel-based virtual
machine) subsystem of the Linux kernel. A local unprivileged user can use
this flaw to crash VMs, causing a denial of service. (CVE-2012-0045)
A flaw was discovered in the Linux kernel's cifs file syst
Ubuntu
Linux kernel (EC2) vulnerabilities
vendor_ubuntu·2012-04-24·CVSS 4.0
CVE-2011-4347 [MEDIUM] Linux kernel (EC2) vulnerabilities
Title: Linux kernel (EC2) vulnerabilities
Summary: Several security issues were fixed in the kernel.
Sasha Levin discovered a flaw in the permission checking for device
assignments requested via the kvm ioctl in the Linux kernel. A local user
could use this flaw to crash the system causing a denial of service.
(CVE-2011-4347)
Stephan Bärwolf discovered a flaw in the KVM (kernel-based virtual
machine) subsystem of the Linux kernel. A local unprivileged user can use
this flaw to crash VMs, causing a denial of service. (CVE-2012-0045)
A flaw was discovered in the Linux kernel's cifs file system. An
unprivileged local user could exploit this flaw to crash the system leading
to a denial of service. (CVE-2012-1090)
H. Peter Anvin reported a flaw in the Linux kernel that could crash the
s
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2012-04-24·CVSS 4.0
CVE-2011-4347 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the kernel.
Sasha Levin discovered a flaw in the permission checking for device
assignments requested via the kvm ioctl in the Linux kernel. A local user
could use this flaw to crash the system causing a denial of service.
(CVE-2011-4347)
Stephan Bärwolf discovered a flaw in the KVM (kernel-based virtual
machine) subsystem of the Linux kernel. A local unprivileged user can use
this flaw to crash VMs, causing a denial of service. (CVE-2012-0045)
A flaw was discovered in the Linux kernel's cifs file system. An
unprivileged local user could exploit this flaw to crash the system leading
to a denial of service. (CVE-2012-1090)
H. Peter Anvin reported a flaw in the Linux kernel that could crash the
system.
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2012-04-12·CVSS 4.0
CVE-2012-1097 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the kernel.
Sasha Levin discovered a flaw in the permission checking for device
assignments requested via the kvm ioctl in the Linux kernel. A local user
could use this flaw to crash the system causing a denial of service.
(CVE-2011-4347)
Stephan Bärwolf discovered a flaw in the KVM (kernel-based virtual
machine) subsystem of the Linux kernel. A local unprivileged user can use
this flaw to crash VMs, causing a denial of service. (CVE-2012-0045)
H. Peter Anvin reported a flaw in the Linux kernel that could crash the
system. A local user could exploit this flaw to crash the system.
(CVE-2012-1097)
A flaw was discovered in the Linux kernel's cgroups subset. A local
attacker could use this flaw to crash
Ubuntu
Linux kernel (Maverick backport) vulnerabilities
vendor_ubuntu·2012-04-12·CVSS 4.0
CVE-2011-4347 [MEDIUM] Linux kernel (Maverick backport) vulnerabilities
Title: Linux kernel (Maverick backport) vulnerabilities
Summary: Several security issues were fixed in the kernel.
Sasha Levin discovered a flaw in the permission checking for device
assignments requested via the kvm ioctl in the Linux kernel. A local user
could use this flaw to crash the system causing a denial of service.
(CVE-2011-4347)
Stephan Bärwolf discovered a flaw in the KVM (kernel-based virtual
machine) subsystem of the Linux kernel. A local unprivileged user can use
this flaw to crash VMs, causing a denial of service. (CVE-2012-0045)
H. Peter Anvin reported a flaw in the Linux kernel that could crash the
system. A local user could exploit this flaw to crash the system.
(CVE-2012-1097)
A flaw was discovered in the Linux kernel's cgroups subset. A local
attacker could use
Red Hat
kernel: kvm: syscall instruction induced guest panic
vendor_redhat·2011-12-29·CVSS 4.7
CVE-2012-0045 [MEDIUM] kernel: kvm: syscall instruction induced guest panic
The em_syscall function in arch/x86/kvm/emulate.c in the KVM implementation in the Linux kernel before 3.2.14 does not properly handle the 0f05 (aka syscall) opcode, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application, as demonstrated by an NASM file.
Statement: This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 4 and Red Hat Enterprise MRG as they did not provide support for the KVM subsystem. This issue did not affect the versions of kvm as shipped with Red Hat Enterprise Linux 5 as they did not include support for syscall instruction emulation. This has been addressed in Red Hat Enterprise Linux 6 via https://rhn.redhat.com/errata/RHSA-2012-
GHSA
GHSA-jq5h-388q-3jvj: The em_syscall function in arch/x86/kvm/emulate
ghsa_unreviewed·2022-05-04
CVE-2012-0045 [MEDIUM] GHSA-jq5h-388q-3jvj: The em_syscall function in arch/x86/kvm/emulate
The em_syscall function in arch/x86/kvm/emulate.c in the KVM implementation in the Linux kernel before 3.2.14 does not properly handle the 0f05 (aka syscall) opcode, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application, as demonstrated by an NASM file.
OSV
CVE-2012-0045: The em_syscall function in arch/x86/kvm/emulate
osv·2012-01-13·CVSS 4.7
CVE-2012-0045 [MEDIUM] CVE-2012-0045: The em_syscall function in arch/x86/kvm/emulate
The em_syscall function in arch/x86/kvm/emulate.c in the KVM implementation in the Linux kernel before 3.2.14 does not properly handle the 0f05 (aka syscall) opcode, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application, as demonstrated by an NASM file.
No detection rules found.
Bugzilla
CVE-2012-3387 CVE-2012-3388 CVE-2012-3389 CVE-2012-3390 CVE-2012-3391 CVE-2012-3392 CVE-2012-3393 CVE-2012-3394 CVE-2012-3395 CVE-2012-3396 CVE-2012-3397 CVE-2012-3398 moodle: upstream 2.3.1, 2.2.4, 2
bugzilla·2012-07-20·CVSS 4.0
CVE-2012-3387 [MEDIUM] CVE-2012-3387 CVE-2012-3388 CVE-2012-3389 CVE-2012-3390 CVE-2012-3391 CVE-2012-3392 CVE-2012-3393 CVE-2012-3394 CVE-2012-3395 CVE-2012-3396 CVE-2012-3397 CVE-2012-3398 moodle: upstream 2.3.1, 2.2.4, 2
CVE-2012-3387 CVE-2012-3388 CVE-2012-3389 CVE-2012-3390 CVE-2012-3391 CVE-2012-3392 CVE-2012-3393 CVE-2012-3394 CVE-2012-3395 CVE-2012-3396 CVE-2012-3397 CVE-2012-3398 moodle: upstream 2.3.1, 2.2.4, 2.1.7, 2.0.10, 1.9.19 security fixes
Moodle upstream has released versions 2.3.1, 2.2.4, 2.1.7, 2.0.10, and 1.9.19 to fix the following security flaws:
CVE-2012-3387 Moodle: MSA-12-0039: File upload validation issue
CVE-2012-3388 Moodle: MSA-12-0040: Capabilities issue through caching
CVE-2012-3389 Moodle: MSA-12-0041: XSS issue in LTI module
CVE-2012-3390 Moodle: MSA-12-0042: File access issue in blocks
CVE-2012-3391 Moodle: MSA-12-0043: Early information access issue in forum
CVE-2012-3392 Moodle: MSA-12-0044: Capability check issue in forum subscriptions
CVE-2012-3393 Moodle: MSA-12-0045:
Bugzilla
CVE-2012-0045 kernel: kvm: syscall instruction induced guest panic
bugzilla·2012-01-11·CVSS 4.7
CVE-2012-0045 [MEDIUM] CVE-2012-0045 kernel: kvm: syscall instruction induced guest panic
32-bit guests will crash (and 64-bit guests may behave in a
wrong way), for example by simply executing the following
nasm-demo-application:
```nasm
[bits 32]
global _start
SECTION .text
_start: syscall
```
The reason seems to be a missing "invalid opcode" trap (int6) for the
syscall opcode "0f05", which is not available on Intel CPUs
within non-longmodes, as also on some AMD CPUs within legacy-mode
(depending on CPU vendor, MSR_EFER and cpuid).
Because the previously mentioned OSs may not engage the corresponding
syscall target registers (STAR, LSTAR, CSTAR), they remain
NULL and (non-trapping) syscalls lead to multiple
faults and finally crashes.
Reference:
https://lkml.org/lkml/2011/12/28/170
http://www.spinics.net/lists/kvm/msg66633.html
Prop
Bugzilla
CVE-2012-0045 kernel: kvm: syscall instruction induced guest panic [fedora-all]
bugzilla·2012-01-11·CVSS 4.7
CVE-2012-0045 [MEDIUM] CVE-2012-0045 kernel: kvm: syscall instruction induced guest panic [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include this bug ID and the
bug IDs of this bug's parent bugs filed against the "Security Response"
product (the top-level CVE bugs). Please mention the CVE IDs being fixed
in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=secu
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c2226fc9e87ba3da060e47333657cd6616652b84
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00013.html
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.14
http://www.openwall.com/lists/oss-security/2012/01/12/2
https://bugzilla.redhat.com/show_bug.cgi?id=773370
https://github.com/torvalds/linux/commit/c2226fc9e87ba3da060e47333657cd6616652b84