Buffer Overflow and Memory Corruption Vulnerability in Linux Kernel's kvm_set_msr_common Function

Buffer Overflow and Memory Corruption Vulnerability in Linux Kernel's kvm_set_msr_common Function

CVE-2013-1796 · MEDIUM Severity

AV:A/AC:H/AU:N/C:C/I:C/A:C

The kvm_set_msr_common function in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 does not ensure a required time_page alignment during an MSR_KVM_SYSTEM_TIME operation, which allows guest OS users to cause a denial of service (buffer overflow and host OS memory corruption) or possibly have unspecified other impact via a crafted application.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.