Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com

CVE-2013-1796

Description

The kvm_set_msr_common function in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 does not ensure a required time_page alignment during an MSR_KVM_SYSTEM_TIME operation, which allows guest OS users to cause a denial of service (buffer overflow and host OS memory corruption) or possibly have unspecified other impact via a crafted application.

POC

Reference

- http://www.mandriva.com/security/advisories?name=MDVSA-2013:176

- http://www.ubuntu.com/usn/USN-1808-1

Github

No PoCs found on GitHub currently.