Memory Leak and Host OS Crash Vulnerability in Linux Kernel's KVM Implementation

Memory Leak and Host OS Crash Vulnerability in Linux Kernel's KVM Implementation

CVE-2012-2121 · MEDIUM Severity

AV:L/AC:L/AU:N/C:N/I:N/A:C

The KVM implementation in the Linux kernel before 3.3.4 does not properly manage the relationships between memory slots and the iommu, which allows guest OS users to cause a denial of service (memory leak and host OS crash) by leveraging administrative access to the guest OS to conduct hotunplug and hotplug operations on devices.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.