CVE-2013-1935

Name of the Vulnerable Software and Affected Versions Red Hat Enterprise Linux (RHEL) 6 kernel package versions prior to 2.6.32-358.11.1.el6

Description The issue is related to a certain Red Hat patch to the KVM subsystem in the kernel package, which does not properly implement the PV EOI feature. This allows guest OS users to cause a denial of service by leveraging a time window during which interrupts are disabled but copy to user function calls are possible, resulting in a host OS crash.

Recommendations For Red Hat Enterprise Linux (RHEL) 6 kernel package versions prior to 2.6.32-358.11.1.el6, update to version 2.6.32-358.11.1.el6 or later to resolve the issue.