CVE-2011-4622

Published: 27 January 2012

The create_pit_timer function in arch/x86/kvm/i8254.c in KVM 83, and possibly other versions, does not properly handle Programmable Interval Timer (PIT) interrupt requests (IRQs) when a virtual interrupt controller (irqchip) is not available, which allows local users to cause a denial of service (NULL pointer dereference) by starting a timer.

    BUG: unable to handle kernel NULL pointer dereference at 0000000000000128
    IP: [<ffffffffa10f6280>] kvm_set_irq+0x30/0x170 [kvm]
    ...
    Call Trace:
    [<ffffffffa11228c1>] pit_do_work+0x51/0xd0 [kvm]
    [<ffffffff81071431>] process_one_work+0x111/0x4d0
    [<ffffffff81071bb2>] worker_thread+0x152/0x340
    [<ffffffff81075c8e>] kthread+0x7e/0x90
    [<ffffffff815a4474>] kernel_thread_helper+0x4/0x10

From the Ubuntu Security Team

A flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual interrupt controller is not available, a local user could use this to cause a denial of service by starting a timer.

Priority

Low

Status

Package                       Release    Status
linux                         upstream   Released (3.2)
    Patches:
    Introduced by 7837699fa6d7adf81f26ab73a5f6897ea1ab9d6a
    Fixed by 0924ab2cfa98b1ece26c033d696651fd62896c69
linux-aws                     upstream   Released (3.2)
linux-ec2                     upstream   Released (3.2)
linux-flo                     upstream   Released (3.2)
linux-fsl-imx51               upstream   Released (3.2)
linux-gke                     upstream   Released (3.2)
linux-goldfish                upstream   Released (3.2)
linux-grouper                 upstream   Released (3.2)
linux-hwe                     upstream   Released (3.2)
linux-hwe-edge                upstream   Released (3.2)
linux-lts-backport-maverick   upstream   Released (3.2)
linux-lts-backport-natty      upstream   Released (3.2)
linux-lts-backport-oneiric    upstream   Released (3.2)
linux-lts-trusty              upstream   Released (3.2)
linux-lts-utopic              upstream   Released (3.2)
linux-lts-vivid               upstream   Released (3.2)
linux-lts-wily                upstream   Released (3.2)
linux-lts-xenial              upstream   Released (3.2)
linux-maguro                  upstream   Released (3.2)
linux-mako                    upstream   Released (3.2)
linux-manta                   upstream   Released (3.2)
linux-mvl-dove                upstream   Released (3.2)
linux-raspi2                  upstream   Released (3.2)
linux-snapdragon              upstream   Released (3.2)
linux-ti-omap4                upstream   Released (3.2)