The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distributed in the Linux kernel before 3.8-rc1, allows local users to cause a denial of service (daemon exit) via a crafted application that sends a Netlink message. NOTE: this vulnerability exists because of an incorrect fix for CVE-2012-2669.
The Red Hat Security Response Team has rated this issue as having low security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.
CVE-2012-5532 hypervkvpd: Netlink source address validation allows denial of service
This issue was discovered by Florian Weimer of the Red Hat Product Security
Red Hat Security Errata
|Red Hat Enterprise Linux 5 (hypervkvpd)
|Red Hat Enterprise Linux Virtualization 5 (hypervkvpd)
Affected Packages State
|Red Hat Enterprise Linux 6