CVE-2012-2137

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 3.2.24 openSUSE systemtap-runtime-debuginfo (affected versions not specified) openSUSE systemtap-sdt-devel (affected versions not specified) openSUSE systemtap (affected versions not specified) openSUSE libvmtools0 (affected versions not specified) openSUSE systemtap-client (affected versions not specified) openSUSE systemtap-client-debuginfo (affected versions not specified) openSUSE systemtap-server-debuginfo (affected versions not specified) openSUSE libvmtools0-debuginfo (affected versions not specified) openSUSE systemtap-runtime (affected versions not specified) openSUSE systemtap-server (affected versions not specified) openSUSE systemtap-debuginfo (affected versions not specified) openSUSE libvmtools-devel (affected versions not specified) openSUSE systemtap-debugsource (affected versions not specified)

Description The issue is related to a buffer overflow in the KVM subsystem of the Linux kernel, which can cause a denial of service or possibly execute arbitrary code via vectors related to Message Signaled Interrupts, irq routing entries, and an incorrect check by the setup routing entry function before invoking the kvm set irq function. Additionally, multiple vulnerabilities have been identified in various openSUSE packages, including systemtap and libvmtools, which can lead to a disruption of protected information and can be exploited remotely.

Recommendations For Linux kernel versions prior to 3.2.24, update to version 3.2.24 or later to resolve the issue. For openSUSE systemtap-runtime-debuginfo, systemtap-sdt-devel, systemtap, libvmtools0, systemtap-client, systemtap-client-debuginfo, systemtap-server-debuginfo, libvmtools0-debuginfo, systemtap-runtime, systemtap-server, systemtap-debuginfo, libvmtools-devel, and systemtap-debugsource, at the moment, there is no information about a newer version that contains a fix for this vulnerability.