Unrated severityNVD Advisory· Published Mar 22, 2013· Updated Jun 16, 2026
CVE-2013-1798
CVE-2013-1798
Description
The ioapic_read_indirect function in virt/kvm/ioapic.c in the Linux kernel through 3.8.4 does not properly handle a certain combination of invalid IOAPIC_REG_SELECT and IOAPIC_REG_WINDOW operations, which allows guest OS users to obtain sensitive information from host OS memory or cause a denial of service (host OS OOPS) via a crafted application.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: <=3.8.4
- cpe:2.3:o:linux:linux_kernel:3.8.0:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.8.1:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.8.2:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.8.3:*:*:*:*:*:*:*
- (no CPE)range: <=3.8.4
Patches
Vulnerability mechanics
References
17- github.com/torvalds/linux/commit/a2c118bfab8bc6b8bb213abfc35201e441693d55nvdExploitPatch
- git.kernel.orgnvd
- lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2013-07/msg00018.htmlnvd
- packetstormsecurity.com/files/157233/Kernel-Live-Patch-Security-Notice-LSN-0065-1.htmlnvd
- rhn.redhat.com/errata/RHSA-2013-0727.htmlnvd
- rhn.redhat.com/errata/RHSA-2013-0744.htmlnvd
- rhn.redhat.com/errata/RHSA-2013-0746.htmlnvd
- rhn.redhat.com/errata/RHSA-2013-0928.htmlnvd
- rhn.redhat.com/errata/RHSA-2013-1026.htmlnvd
- www.mandriva.com/security/advisoriesnvd
- www.openwall.com/lists/oss-security/2013/03/20/9nvd
- www.ubuntu.com/usn/USN-1809-1nvd
- www.ubuntu.com/usn/USN-1812-1nvd
- www.ubuntu.com/usn/USN-1813-1nvd
- bugzilla.redhat.com/show_bug.cginvd
News mentions
0No linked articles in our index yet.