CVE-2013-5634 | Vulnerability Database | Aqua Security

arch/arm/kvm/arm.c in the Linux kernel before 3.10 on the ARM platform, when KVM is used, allows host OS users to cause a denial of service (NULL pointer dereference, OOPS, and host OS crash) or possibly have unspecified other impact by omitting vCPU initialization before a KVM_GET_REG_LIST ioctl call.

Affected Software

Name	Vendor	Start Version	End Version
Linux_kernel	Linux	*	3.9.11 (including)
Linux_kernel	Linux	3.9.0 (including)	3.9.0 (including)
Linux_kernel	Linux	3.9.1 (including)	3.9.1 (including)
Linux_kernel	Linux	3.9.2 (including)	3.9.2 (including)
Linux_kernel	Linux	3.9.3 (including)	3.9.3 (including)
Linux_kernel	Linux	3.9.4 (including)	3.9.4 (including)
Linux_kernel	Linux	3.9.5 (including)	3.9.5 (including)
Linux_kernel	Linux	3.9.6 (including)	3.9.6 (including)
Linux_kernel	Linux	3.9.7 (including)	3.9.7 (including)
Linux_kernel	Linux	3.9.8 (including)	3.9.8 (including)
Linux_kernel	Linux	3.9.9 (including)	3.9.9 (including)
Linux_kernel	Linux	3.9.10 (including)	3.9.10 (including)

References

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e8180dcaa8470ceca21109f143876fdcd9fe050a
http://www.openwall.com/lists/oss-security/2013/08/26/4
http://www.securityfocus.com/bid/61995
https://github.com/torvalds/linux/commit/e8180dcaa8470ceca21109f143876fdcd9fe050a
https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.10.bz2

NVD	https://nvd.nist.gov/vuln/detail/CVE-2013-5634
CWE	https://cwe.mitre.org/data/definitions/399.html