Use-after-free vulnerability in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 allows guest OS users to cause a denial of service (host OS memory corruption) or possibly have unspecified other impact via a crafted application that triggers use of a guest physical address (GPA) in (1) movable or (2) removable memory during an MSR_KVM_SYSTEM_TIME kvm_set_msr_common operation.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Linux_kernel | Linux | * | 3.8.4 (including) |
| Linux_kernel | Linux | 3.8.0 (including) | 3.8.0 (including) |
| Linux_kernel | Linux | 3.8.1 (including) | 3.8.1 (including) |
| Linux_kernel | Linux | 3.8.2 (including) | 3.8.2 (including) |
| Linux_kernel | Linux | 3.8.3 (including) | 3.8.3 (including) |
| Red Hat Enterprise Linux 5 | RedHat | kvm-0:83-262.el5_9.3 | * |
| Red Hat Enterprise Linux 6 | RedHat | kernel-0:2.6.32-358.6.1.el6 | * |
| Red Hat Enterprise Linux 6.2 EUS - Server and Compute Node Only | RedHat | kernel-0:2.6.32-220.39.1.el6 | * |
| Red Hat Enterprise Linux 6.3 EUS - Server and Compute Node Only | RedHat | kernel-0:2.6.32-279.31.1.el6 | * |
| RHEV 3.X Hypervisor and Agents for RHEL-6 | RedHat | rhev-hypervisor6-0:6.4-20130415.0.el6_4 | * |
| Linux | Ubuntu | hardy | * |
| Linux | Ubuntu | lucid | * |
| Linux | Ubuntu | oneiric | * |
| Linux | Ubuntu | precise | * |
| Linux | Ubuntu | quantal | * |
| Linux | Ubuntu | upstream | * |
| Linux-armadaxp | Ubuntu | precise | * |
| Linux-armadaxp | Ubuntu | upstream | * |
| Linux-ec2 | Ubuntu | lucid | * |
| Linux-ec2 | Ubuntu | upstream | * |
| Linux-flo | Ubuntu | upstream | * |
| Linux-fsl-imx51 | Ubuntu | lucid | * |
| Linux-fsl-imx51 | Ubuntu | upstream | * |
| Linux-goldfish | Ubuntu | saucy | * |
| Linux-goldfish | Ubuntu | trusty | * |
| Linux-goldfish | Ubuntu | trusty/esm | * |
| Linux-goldfish | Ubuntu | upstream | * |
| Linux-grouper | Ubuntu | saucy | * |
| Linux-grouper | Ubuntu | trusty | * |
| Linux-grouper | Ubuntu | upstream | * |
| Linux-grouper | Ubuntu | utopic | * |
| Linux-linaro-omap | Ubuntu | oneiric | * |
| Linux-linaro-omap | Ubuntu | precise | * |
| Linux-linaro-omap | Ubuntu | quantal | * |
| Linux-linaro-omap | Ubuntu | upstream | * |
| Linux-linaro-shared | Ubuntu | oneiric | * |
| Linux-linaro-shared | Ubuntu | precise | * |
| Linux-linaro-shared | Ubuntu | quantal | * |
| Linux-linaro-shared | Ubuntu | upstream | * |
| Linux-linaro-vexpress | Ubuntu | oneiric | * |
| Linux-linaro-vexpress | Ubuntu | precise | * |
| Linux-linaro-vexpress | Ubuntu | quantal | * |
| Linux-linaro-vexpress | Ubuntu | upstream | * |
| Linux-lts-backport-maverick | Ubuntu | lucid | * |
| Linux-lts-backport-maverick | Ubuntu | upstream | * |
| Linux-lts-backport-oneiric | Ubuntu | lucid | * |
| Linux-lts-backport-oneiric | Ubuntu | upstream | * |
| Linux-lts-quantal | Ubuntu | precise | * |
| Linux-lts-quantal | Ubuntu | upstream | * |
| Linux-lts-raring | Ubuntu | upstream | * |
| Linux-lts-saucy | Ubuntu | upstream | * |
| Linux-lts-trusty | Ubuntu | upstream | * |
| Linux-lts-utopic | Ubuntu | upstream | * |
| Linux-lts-vivid | Ubuntu | upstream | * |
| Linux-maguro | Ubuntu | saucy | * |
| Linux-maguro | Ubuntu | trusty | * |
| Linux-maguro | Ubuntu | upstream | * |
| Linux-mako | Ubuntu | saucy | * |
| Linux-mako | Ubuntu | upstream | * |
| Linux-manta | Ubuntu | saucy | * |
| Linux-manta | Ubuntu | upstream | * |
| Linux-mvl-dove | Ubuntu | lucid | * |
| Linux-mvl-dove | Ubuntu | upstream | * |
| Linux-qcm-msm | Ubuntu | lucid | * |
| Linux-qcm-msm | Ubuntu | oneiric | * |
| Linux-qcm-msm | Ubuntu | precise | * |
| Linux-qcm-msm | Ubuntu | quantal | * |
| Linux-qcm-msm | Ubuntu | upstream | * |
| Linux-raspi2 | Ubuntu | upstream | * |
| Linux-raspi2 | Ubuntu | vivid/ubuntu-core | * |
| Linux-ti-omap4 | Ubuntu | precise | * |
| Linux-ti-omap4 | Ubuntu | upstream | * |