CVE-2013-0311

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2013-0311 at MITRE

Description

The translate_desc function in drivers/vhost/vhost.c in the Linux kernel before 3.7 does not properly handle cross-region descriptors, which allows guest OS users to obtain host OS privileges by leveraging KVM guest OS privileges.

NVD CVSS v2 Base Score: 6.5 (AV:A/AC:H/Au:S/C:C/I:C/A:C)

SUSE information

Note from the SUSE Security Team

The driver was introduced in 2.6.34, so distributions before SUSE Linux Enterprise 11 SP2 are not affected.

SUSE Bugzilla entries: 804656, 871595

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SLE 11 SERVER Unsupported Extras
  • ext4-writeable-kmp-default >= 0_3.0.74_0.6.6-0.14.50
  • ext4-writeable-kmp-trace >= 0_3.0.74_0.6.6-0.14.50
  • kernel-default-extra >= 3.0.74-0.6.6.2
Builds
SAT Patch Nr: 7671
SUSE Linux Enterprise High Availability Extension 11 SP2
  • cluster-network-kmp-default >= 1.4_3.0.74_0.6.6-2.18.36
  • cluster-network-kmp-trace >= 1.4_3.0.74_0.6.6-2.18.36
  • cluster-network-kmp-xen >= 1.4_3.0.74_0.6.6-2.18.36
  • gfs2-kmp-default >= 2_3.0.74_0.6.6-0.7.69
  • gfs2-kmp-trace >= 2_3.0.74_0.6.6-0.7.69
  • gfs2-kmp-xen >= 2_3.0.74_0.6.6-0.7.69
  • ocfs2-kmp-default >= 1.6_3.0.74_0.6.6-0.11.35
  • ocfs2-kmp-trace >= 1.6_3.0.74_0.6.6-0.11.35
  • ocfs2-kmp-xen >= 1.6_3.0.74_0.6.6-0.11.35
Builds
SAT Patch Nr: 7675
SUSE Linux Enterprise Desktop 11 SP2
  • kernel-default >= 3.0.74-0.6.6.2
  • kernel-default-base >= 3.0.74-0.6.6.2
  • kernel-default-devel >= 3.0.74-0.6.6.2
  • kernel-default-extra >= 3.0.74-0.6.6.2
  • kernel-source >= 3.0.74-0.6.6.2
  • kernel-syms >= 3.0.74-0.6.6.2
  • kernel-trace >= 3.0.74-0.6.6.2
  • kernel-trace-base >= 3.0.74-0.6.6.2
  • kernel-trace-devel >= 3.0.74-0.6.6.2
  • kernel-trace-extra >= 3.0.74-0.6.6.2
  • kernel-xen >= 3.0.74-0.6.6.2
  • kernel-xen-base >= 3.0.74-0.6.6.2
  • kernel-xen-devel >= 3.0.74-0.6.6.2
  • kernel-xen-extra >= 3.0.74-0.6.6.2
  • xen-kmp-default >= 4.1.4_02_3.0.74_0.6.6-0.5.22
  • xen-kmp-trace >= 4.1.4_02_3.0.74_0.6.6-0.5.22
Builds
SAT Patch Nr: 7675
SUSE Linux Enterprise Server 11 SP2 for VMware
  • kernel-default >= 3.0.74-0.6.6.2
  • kernel-default-base >= 3.0.74-0.6.6.2
  • kernel-default-devel >= 3.0.74-0.6.6.2
  • kernel-source >= 3.0.74-0.6.6.2
  • kernel-syms >= 3.0.74-0.6.6.2
  • kernel-trace >= 3.0.74-0.6.6.2
  • kernel-trace-base >= 3.0.74-0.6.6.2
  • kernel-trace-devel >= 3.0.74-0.6.6.2
  • kernel-xen-devel >= 3.0.74-0.6.6.2
  • xen-kmp-trace >= 4.1.4_02_3.0.74_0.6.6-0.5.22
Builds
SAT Patch Nr: 7675
SUSE Linux Enterprise Server 11 SP2
  • kernel-default >= 3.0.74-0.6.6.2
  • kernel-default-base >= 3.0.74-0.6.6.2
  • kernel-default-devel >= 3.0.74-0.6.6.2
  • kernel-ec2 >= 3.0.74-0.6.6.2
  • kernel-ec2-base >= 3.0.74-0.6.6.2
  • kernel-ec2-devel >= 3.0.74-0.6.6.2
  • kernel-source >= 3.0.74-0.6.6.2
  • kernel-syms >= 3.0.74-0.6.6.2
  • kernel-trace >= 3.0.74-0.6.6.2
  • kernel-trace-base >= 3.0.74-0.6.6.2
  • kernel-trace-devel >= 3.0.74-0.6.6.2
  • kernel-xen >= 3.0.74-0.6.6.2
  • kernel-xen-base >= 3.0.74-0.6.6.2
  • kernel-xen-devel >= 3.0.74-0.6.6.2
  • xen-kmp-default >= 4.1.4_02_3.0.74_0.6.6-0.5.22
  • xen-kmp-trace >= 4.1.4_02_3.0.74_0.6.6-0.5.22
Builds
SAT Patch Nr: 7675
SLE 11 SERVER Unsupported Extras
  • ext4-writeable-kmp-default >= 0_3.0.74_0.6.6-0.14.50
  • ext4-writeable-kmp-trace >= 0_3.0.74_0.6.6-0.14.50
  • ext4-writeable-kmp-xen >= 0_3.0.74_0.6.6-0.14.50
  • kernel-default-extra >= 3.0.74-0.6.6.2
  • kernel-xen-extra >= 3.0.74-0.6.6.2
Builds
SAT Patch Nr: 7676
SUSE Linux Enterprise High Availability Extension 11 SP2
  • cluster-network-kmp-default >= 1.4_3.0.74_0.6.6-2.18.36
  • cluster-network-kmp-trace >= 1.4_3.0.74_0.6.6-2.18.36
  • gfs2-kmp-default >= 2_3.0.74_0.6.6-0.7.69
  • gfs2-kmp-trace >= 2_3.0.74_0.6.6-0.7.69
  • ocfs2-kmp-default >= 1.6_3.0.74_0.6.6-0.11.35
  • ocfs2-kmp-trace >= 1.6_3.0.74_0.6.6-0.11.35
Builds
SAT Patch Nr: 7669
SUSE Linux Enterprise Server 11 SP2
  • kernel-default >= 3.0.74-0.6.6.2
  • kernel-default-base >= 3.0.74-0.6.6.2
  • kernel-default-devel >= 3.0.74-0.6.6.2
  • kernel-default-man >= 3.0.74-0.6.6.2
  • kernel-source >= 3.0.74-0.6.6.2
  • kernel-syms >= 3.0.74-0.6.6.2
  • kernel-trace >= 3.0.74-0.6.6.2
  • kernel-trace-base >= 3.0.74-0.6.6.2
  • kernel-trace-devel >= 3.0.74-0.6.6.2
Builds
SAT Patch Nr: 7669
SLE 11 SERVER Unsupported Extras
  • ext4-writeable-kmp-default >= 0_3.0.74_0.6.6-0.14.50
  • ext4-writeable-kmp-trace >= 0_3.0.74_0.6.6-0.14.50
  • kernel-default-extra >= 3.0.74-0.6.6.2
Builds
SAT Patch Nr: 7672
SUSE Linux Enterprise High Availability Extension 11 SP2
  • cluster-network-kmp-default >= 1.4_3.0.74_0.6.6-2.18.36
  • cluster-network-kmp-pae >= 1.4_3.0.74_0.6.6-2.18.36
  • cluster-network-kmp-trace >= 1.4_3.0.74_0.6.6-2.18.36
  • cluster-network-kmp-xen >= 1.4_3.0.74_0.6.6-2.18.36
  • gfs2-kmp-default >= 2_3.0.74_0.6.6-0.7.69
  • gfs2-kmp-pae >= 2_3.0.74_0.6.6-0.7.69
  • gfs2-kmp-trace >= 2_3.0.74_0.6.6-0.7.69
  • gfs2-kmp-xen >= 2_3.0.74_0.6.6-0.7.69
  • ocfs2-kmp-default >= 1.6_3.0.74_0.6.6-0.11.35
  • ocfs2-kmp-pae >= 1.6_3.0.74_0.6.6-0.11.35
  • ocfs2-kmp-trace >= 1.6_3.0.74_0.6.6-0.11.35
  • ocfs2-kmp-xen >= 1.6_3.0.74_0.6.6-0.11.35
Builds
SAT Patch Nr: 7667
SUSE Linux Enterprise Desktop 11 SP2
  • kernel-default >= 3.0.74-0.6.6.2
  • kernel-default-base >= 3.0.74-0.6.6.2
  • kernel-default-devel >= 3.0.74-0.6.6.2
  • kernel-default-extra >= 3.0.74-0.6.6.2
  • kernel-pae >= 3.0.74-0.6.6.2
  • kernel-pae-base >= 3.0.74-0.6.6.2
  • kernel-pae-devel >= 3.0.74-0.6.6.2
  • kernel-pae-extra >= 3.0.74-0.6.6.2
  • kernel-source >= 3.0.74-0.6.6.2
  • kernel-syms >= 3.0.74-0.6.6.2
  • kernel-trace >= 3.0.74-0.6.6.2
  • kernel-trace-base >= 3.0.74-0.6.6.2
  • kernel-trace-devel >= 3.0.74-0.6.6.2
  • kernel-trace-extra >= 3.0.74-0.6.6.2
  • kernel-xen >= 3.0.74-0.6.6.2
  • kernel-xen-base >= 3.0.74-0.6.6.2
  • kernel-xen-devel >= 3.0.74-0.6.6.2
  • kernel-xen-extra >= 3.0.74-0.6.6.2
Builds
SAT Patch Nr: 7667
SUSE Linux Enterprise Server 11 SP2 for VMware
  • kernel-default >= 3.0.74-0.6.6.2
  • kernel-default-base >= 3.0.74-0.6.6.2
  • kernel-default-devel >= 3.0.74-0.6.6.2
  • kernel-pae >= 3.0.74-0.6.6.2
  • kernel-pae-base >= 3.0.74-0.6.6.2
  • kernel-pae-devel >= 3.0.74-0.6.6.2
  • kernel-source >= 3.0.74-0.6.6.2
  • kernel-syms >= 3.0.74-0.6.6.2
  • kernel-trace >= 3.0.74-0.6.6.2
  • kernel-trace-base >= 3.0.74-0.6.6.2
  • kernel-trace-devel >= 3.0.74-0.6.6.2
  • kernel-xen-devel >= 3.0.74-0.6.6.2
Builds
SAT Patch Nr: 7667
SUSE Linux Enterprise Server 11 SP2
  • kernel-default >= 3.0.74-0.6.6.2
  • kernel-default-base >= 3.0.74-0.6.6.2
  • kernel-default-devel >= 3.0.74-0.6.6.2
  • kernel-ec2 >= 3.0.74-0.6.6.2
  • kernel-ec2-base >= 3.0.74-0.6.6.2
  • kernel-ec2-devel >= 3.0.74-0.6.6.2
  • kernel-pae >= 3.0.74-0.6.6.2
  • kernel-pae-base >= 3.0.74-0.6.6.2
  • kernel-pae-devel >= 3.0.74-0.6.6.2
  • kernel-source >= 3.0.74-0.6.6.2
  • kernel-syms >= 3.0.74-0.6.6.2
  • kernel-trace >= 3.0.74-0.6.6.2
  • kernel-trace-base >= 3.0.74-0.6.6.2
  • kernel-trace-devel >= 3.0.74-0.6.6.2
  • kernel-xen >= 3.0.74-0.6.6.2
  • kernel-xen-base >= 3.0.74-0.6.6.2
  • kernel-xen-devel >= 3.0.74-0.6.6.2
Builds
SAT Patch Nr: 7667
SUSE Linux Enterprise High Availability Extension 11 SP2
  • cluster-network-kmp-default >= 1.4_3.0.74_0.6.6-2.18.36
  • cluster-network-kmp-ppc64 >= 1.4_3.0.74_0.6.6-2.18.36
  • cluster-network-kmp-trace >= 1.4_3.0.74_0.6.6-2.18.36
  • gfs2-kmp-default >= 2_3.0.74_0.6.6-0.7.69
  • gfs2-kmp-ppc64 >= 2_3.0.74_0.6.6-0.7.69
  • gfs2-kmp-trace >= 2_3.0.74_0.6.6-0.7.69
  • ocfs2-kmp-default >= 1.6_3.0.74_0.6.6-0.11.35
  • ocfs2-kmp-ppc64 >= 1.6_3.0.74_0.6.6-0.11.35
  • ocfs2-kmp-trace >= 1.6_3.0.74_0.6.6-0.11.35
Builds
SAT Patch Nr: 7679
SUSE Linux Enterprise Server 11 SP2
  • kernel-default >= 3.0.74-0.6.6.2
  • kernel-default-base >= 3.0.74-0.6.6.2
  • kernel-default-devel >= 3.0.74-0.6.6.2
  • kernel-ppc64 >= 3.0.74-0.6.6.2
  • kernel-ppc64-base >= 3.0.74-0.6.6.2
  • kernel-ppc64-devel >= 3.0.74-0.6.6.2
  • kernel-source >= 3.0.74-0.6.6.2
  • kernel-syms >= 3.0.74-0.6.6.2
  • kernel-trace >= 3.0.74-0.6.6.2
  • kernel-trace-base >= 3.0.74-0.6.6.2
  • kernel-trace-devel >= 3.0.74-0.6.6.2
Builds
SAT Patch Nr: 7679
SLE 11 SERVER Unsupported Extras
  • ext4-writeable-kmp-default >= 0_3.0.74_0.6.6-0.14.50
  • ext4-writeable-kmp-ppc64 >= 0_3.0.74_0.6.6-0.14.50
  • ext4-writeable-kmp-trace >= 0_3.0.74_0.6.6-0.14.50
  • kernel-default-extra >= 3.0.74-0.6.6.2
  • kernel-ppc64-extra >= 3.0.74-0.6.6.2
Builds
SAT Patch Nr: 7678
SUSE Linux Enterprise Real Time 11 SP2
  • cluster-network-kmp-rt >= 1.4_3.0.74_rt98_0.6.2-2.18.37
  • cluster-network-kmp-rt_trace >= 1.4_3.0.74_rt98_0.6.2-2.18.37
  • drbd-kmp-rt >= 8.4.2_3.0.74_rt98_0.6.2-0.6.6.28
  • drbd-kmp-rt_trace >= 8.4.2_3.0.74_rt98_0.6.2-0.6.6.28
  • iscsitarget-kmp-rt >= 1.4.20_3.0.74_rt98_0.6.2-0.23.34
  • iscsitarget-kmp-rt_trace >= 1.4.20_3.0.74_rt98_0.6.2-0.23.34
  • kernel-rt >= 3.0.74.rt98-0.6.2.1
  • kernel-rt-base >= 3.0.74.rt98-0.6.2.1
  • kernel-rt-devel >= 3.0.74.rt98-0.6.2.1
  • kernel-rt_trace >= 3.0.74.rt98-0.6.2.1
  • kernel-rt_trace-base >= 3.0.74.rt98-0.6.2.1
  • kernel-rt_trace-devel >= 3.0.74.rt98-0.6.2.1
  • kernel-source-rt >= 3.0.74.rt98-0.6.2.1
  • kernel-syms-rt >= 3.0.74.rt98-0.6.2.1
  • lttng-modules-kmp-rt >= 2.0.4_3.0.74_rt98_0.6.2-0.7.30
  • lttng-modules-kmp-rt_trace >= 2.0.4_3.0.74_rt98_0.6.2-0.7.30
  • ocfs2-kmp-rt >= 1.6_3.0.74_rt98_0.6.2-0.11.36
  • ocfs2-kmp-rt_trace >= 1.6_3.0.74_rt98_0.6.2-0.11.36
  • ofed-kmp-rt >= 1.5.2_3.0.74_rt98_0.6.2-0.28.28.8
  • ofed-kmp-rt_trace >= 1.5.2_3.0.74_rt98_0.6.2-0.28.28.8
Builds
SAT Patch Nr: 7695
SUSE Linux Enterprise High Availability Extension 11 SP2
  • cluster-network-kmp-default >= 1.4_3.0.74_0.6.6-2.18.36
  • cluster-network-kmp-trace >= 1.4_3.0.74_0.6.6-2.18.36
  • gfs2-kmp-default >= 2_3.0.74_0.6.6-0.7.69
  • gfs2-kmp-trace >= 2_3.0.74_0.6.6-0.7.69
  • ocfs2-kmp-default >= 1.6_3.0.74_0.6.6-0.11.35
  • ocfs2-kmp-trace >= 1.6_3.0.74_0.6.6-0.11.35
Builds
SAT Patch Nr: 7668
SUSE Linux Enterprise Server 11 SP2
  • kernel-default >= 3.0.74-0.6.6.2
  • kernel-default-base >= 3.0.74-0.6.6.2
  • kernel-default-devel >= 3.0.74-0.6.6.2
  • kernel-source >= 3.0.74-0.6.6.2
  • kernel-syms >= 3.0.74-0.6.6.2
  • kernel-trace >= 3.0.74-0.6.6.2
  • kernel-trace-base >= 3.0.74-0.6.6.2
  • kernel-trace-devel >= 3.0.74-0.6.6.2
Builds
SAT Patch Nr: 7668
SLE 11 SERVER Unsupported Extras
  • ext4-writeable-kmp-default >= 0_3.0.74_0.6.6-0.14.50
  • ext4-writeable-kmp-pae >= 0_3.0.74_0.6.6-0.14.50
  • ext4-writeable-kmp-trace >= 0_3.0.74_0.6.6-0.14.50
  • ext4-writeable-kmp-xen >= 0_3.0.74_0.6.6-0.14.50
  • kernel-default-extra >= 3.0.74-0.6.6.2
  • kernel-pae-extra >= 3.0.74-0.6.6.2
  • kernel-xen-extra >= 3.0.74-0.6.6.2
Builds
SAT Patch Nr: 7670
openSUSE Evergreen 11.4
  • kernel-debug >= 3.0.80-52.1
  • kernel-debug-base >= 3.0.80-52.1
  • kernel-debug-base-debuginfo >= 3.0.80-52.1
  • kernel-debug-debuginfo >= 3.0.80-52.1
  • kernel-debug-debugsource >= 3.0.80-52.1
  • kernel-debug-devel >= 3.0.80-52.1
  • kernel-debug-devel-debuginfo >= 3.0.80-52.1
  • kernel-debug-hmac >= 3.0.80-52.1
  • kernel-default >= 3.0.80-52.1
  • kernel-default-base >= 3.0.80-52.1
  • kernel-default-base-debuginfo >= 3.0.80-52.1
  • kernel-default-debuginfo >= 3.0.80-52.1
  • kernel-default-debugsource >= 3.0.80-52.1
  • kernel-default-devel >= 3.0.80-52.1
  • kernel-default-devel-debuginfo >= 3.0.80-52.1
  • kernel-default-hmac >= 3.0.80-52.1
  • kernel-desktop >= 3.0.80-52.1
  • kernel-desktop-base >= 3.0.80-52.1
  • kernel-desktop-base-debuginfo >= 3.0.80-52.1
  • kernel-desktop-debuginfo >= 3.0.80-52.1
  • kernel-desktop-debugsource >= 3.0.80-52.1
  • kernel-desktop-devel >= 3.0.80-52.1
  • kernel-desktop-devel-debuginfo >= 3.0.80-52.1
  • kernel-desktop-hmac >= 3.0.80-52.1
  • kernel-docs >= 3.0.80-52.2
  • kernel-ec2 >= 3.0.80-52.1
  • kernel-ec2-base >= 3.0.80-52.1
  • kernel-ec2-base-debuginfo >= 3.0.80-52.1
  • kernel-ec2-debuginfo >= 3.0.80-52.1
  • kernel-ec2-debugsource >= 3.0.80-52.1
  • kernel-ec2-devel >= 3.0.80-52.1
  • kernel-ec2-devel-debuginfo >= 3.0.80-52.1
  • kernel-ec2-extra >= 3.0.80-52.1
  • kernel-ec2-extra-debuginfo >= 3.0.80-52.1
  • kernel-ec2-hmac >= 3.0.80-52.1
  • kernel-pae >= 3.0.80-52.1
  • kernel-pae-base >= 3.0.80-52.1
  • kernel-pae-base-debuginfo >= 3.0.80-52.1
  • kernel-pae-debuginfo >= 3.0.80-52.1
  • kernel-pae-debugsource >= 3.0.80-52.1
  • kernel-pae-devel >= 3.0.80-52.1
  • kernel-pae-devel-debuginfo >= 3.0.80-52.1
  • kernel-pae-hmac >= 3.0.80-52.1
  • kernel-source >= 3.0.80-52.1
  • kernel-source-vanilla >= 3.0.80-52.1
  • kernel-syms >= 3.0.80-52.1
  • kernel-trace >= 3.0.80-52.1
  • kernel-trace-base >= 3.0.80-52.1
  • kernel-trace-base-debuginfo >= 3.0.80-52.1
  • kernel-trace-debuginfo >= 3.0.80-52.1
  • kernel-trace-debugsource >= 3.0.80-52.1
  • kernel-trace-devel >= 3.0.80-52.1
  • kernel-trace-devel-debuginfo >= 3.0.80-52.1
  • kernel-trace-hmac >= 3.0.80-52.1
  • kernel-vanilla >= 3.0.80-52.1
  • kernel-vanilla-base >= 3.0.80-52.1
  • kernel-vanilla-base-debuginfo >= 3.0.80-52.1
  • kernel-vanilla-debuginfo >= 3.0.80-52.1
  • kernel-vanilla-debugsource >= 3.0.80-52.1
  • kernel-vanilla-devel >= 3.0.80-52.1
  • kernel-vanilla-devel-debuginfo >= 3.0.80-52.1
  • kernel-vanilla-hmac >= 3.0.80-52.1
  • kernel-vmi >= 3.0.80-52.1
  • kernel-vmi-base >= 3.0.80-52.1
  • kernel-vmi-base-debuginfo >= 3.0.80-52.1
  • kernel-vmi-debuginfo >= 3.0.80-52.1
  • kernel-vmi-debugsource >= 3.0.80-52.1
  • kernel-vmi-devel >= 3.0.80-52.1
  • kernel-vmi-devel-debuginfo >= 3.0.80-52.1
  • kernel-vmi-hmac >= 3.0.80-52.1
  • kernel-xen >= 3.0.80-52.1
  • kernel-xen-base >= 3.0.80-52.1
  • kernel-xen-base-debuginfo >= 3.0.80-52.1
  • kernel-xen-debuginfo >= 3.0.80-52.1
  • kernel-xen-debugsource >= 3.0.80-52.1
  • kernel-xen-devel >= 3.0.80-52.1
  • kernel-xen-devel-debuginfo >= 3.0.80-52.1
  • kernel-xen-hmac >= 3.0.80-52.1
  • preload >= 1.2-6.35.1
  • preload-debuginfo >= 1.2-6.35.1
  • preload-debugsource >= 1.2-6.35.1
  • preload-kmp-default >= 1.2_3.0.80_52-6.35.1
  • preload-kmp-default-debuginfo >= 1.2_3.0.80_52-6.35.1
  • preload-kmp-desktop >= 1.2_3.0.80_52-6.35.1
  • preload-kmp-desktop-debuginfo >= 1.2_3.0.80_52-6.35.1
Patchnames:
2013-109