CVE-2013-5634

arch/arm/kvm/arm.c in the Linux kernel before 3.10 on the ARM platform, when KVM is used, allows host OS users to cause a denial of service (NULL pointer dereference, OOPS, and host OS crash) or possibly have unspecified other impact by omitting vCPU initialization before a KVM_GET_REG_LIST ioctl call.

Published: Sep 25, 2013
Updated: Apr 13, 2023
CVE: CVE-2013-5634
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:A/AC:H/Au:S/C:N/I:N/A:C

CWEs:

CWE-399

Affected Software
References

Software	From	Fixed in
linux / linux_kernel	3.9.0	3.9.0.x
linux / linux_kernel	3.9.3	3.9.3.x
linux / linux_kernel	3.9.8	3.9.8.x
linux / linux_kernel	3.9.1	3.9.1.x
linux / linux_kernel	3.9.6	3.9.6.x
linux / linux_kernel	3.9.5	3.9.5.x
linux / linux_kernel	3.9.9	3.9.9.x
linux / linux_kernel	3.9.4	3.9.4.x
linux / linux_kernel	3.9.10	3.9.10.x
linux / linux_kernel	3.9.7	3.9.7.x
linux / linux_kernel	-	3.9.11.x
linux / linux_kernel	3.9.2	3.9.2.x

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e8180dcaa8470ceca21109f143876fdcd9fe050a
http://www.openwall.com/lists/oss-security/2013/08/26/4
http://www.securityfocus.com/bid/61995
https://github.com/torvalds/linux/commit/e8180dcaa8470ceca21109f143876fdcd9fe050a
https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.10.bz2

Vulnerability Database

290,301

CVE-2013-5634