12 Jan 2012
29 Feb 2012
DoS (Denial of Service)
This includes vulnerabilities ranging from excessive resource consumption (e.g. causing a system to use a lot of memory) to crashing an application or an entire system.
Two vulnerabilities have been reported in the Linux Kernel, which can be exploited by malicious, local users and malicious, local users in a guest virtual machine to cause a DoS (Denial of Service).
1) An error due to KVM not properly handling the "syscall" instruction (opcode 0f05) in certain CPU modes on some CPU models can be exploited to e.g. crash 32-bit guest machines and 64-bit guest machines to behave incorrectly by running a specially crafted executable.
2) An error in the "cifs_lookup()" function (fs/cifs/dir.c) when performing a lookup on certain files may result in an incorrect reference count when a special file is encountered (e.g. FIFO) and crash the system during the unmount.
Restrict access to trusted users only.
1) Stephan Bärwolf