KVM qemu-kvm "ext4_fill_flex_info()" Denial of Service
KVM qemu-kvm "ext4_fill_flex_info()" Denial of Service Vulnerability
Release Date : 2012-04-09
Criticality level : Not critical
Impact : DoS
Where : Local system
Solution Status : Vendor Workaround
Software: KVM (Kernel-based Virtual Machine)
A vulnerability has been reported in KVM qemu-kvm, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service).
The vulnerability is caused due to an error within the "ext4_fill_flex_info()" function in fs/ext4/super.c when mounting a file system and can be exploited to cause a division by zero.
Fixed in the GIT repository.
Provided and/or discovered by:
Reported by the vendor.