Unrated severityNVD Advisory· Published Jan 22, 2013· Updated Jun 16, 2026
CVE-2012-4461
CVE-2012-4461
Description
The KVM subsystem in the Linux kernel before 3.6.9, when running on hosts that use qemu userspace without XSAVE, allows local users to cause a denial of service (kernel OOPS) by using the KVM_SET_SREGS ioctl to set the X86_CR4_OSXSAVE bit in the guest cr4 register, then calling the KVM_RUN ioctl.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: <=3.6.8
- cpe:2.3:o:linux:linux_kernel:3.6:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.6.1:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.6.2:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.6.3:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.6.4:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.6.5:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.6.6:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.6.7:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
11- article.gmane.org/gmane.comp.emulators.kvm.devel/100742nvd
- git.kernel.orgnvd
- lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.htmlnvd
- rhn.redhat.com/errata/RHSA-2013-0223.htmlnvd
- rhn.redhat.com/errata/RHSA-2013-0882.htmlnvd
- secunia.com/advisories/51160nvd
- www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.6.9nvd
- www.openwall.com/lists/oss-security/2012/11/06/14nvd
- www.securityfocus.com/bid/56414nvd
- bugzilla.redhat.com/show_bug.cginvd
- www.suse.com/support/update/announcement/2012/suse-su-20121679-1.htmlnvd
News mentions
0No linked articles in our index yet.