NULL pointer dereference vulnerability in KVM's create_pit_timer function

NULL pointer dereference vulnerability in KVM's create_pit_timer function

CVE-2011-4622 · MEDIUM Severity

AV:L/AC:L/AU:N/C:N/I:N/A:C

The create_pit_timer function in arch/x86/kvm/i8254.c in KVM 83, and possibly other versions, does not properly handle when Programmable Interval Timer (PIT) interrupt requests (IRQs) when a virtual interrupt controller (irqchip) is not available, which allows local users to cause a denial of service (NULL pointer dereference) by starting a timer.

Learn more about our User Device Pen Test.