Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 476
Alerts This Week
Warning Icon 1 476

Debian: DSA-1962-1 Critical: KVM Local DoS Risks And Integer Overflow

debian
Calendar Grey December 23, 2009
Debian Logo
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ----------------------------------------------------
Several vulnerabilities have been discovered in kvm, a full virtualization system

Summary


Several vulnerabilities have been discovered in kvm, a full virtualization system.
The Common Vulnerabilities and Exposures project identifies the
following problems:

CVE-2009-3638

It was discovered an Integer overflow in the kvm_dev_ioctl_get_supported_cpuid
function. This allows local users to have an unspecified impact via a
KVM_GET_SUPPORTED_CPUID request to the kvm_arch_dev_ioctl function.


CVE-2009-3722

It was discovered that the handle_dr function in the KVM subsystem does not
properly verify the Current Privilege Level (CPL) before accessing a debug
register, which allows guest OS users to cause a denial of service (trap) on the
host OS via a crafted application.


CVE-2009-4031

It was discovered that the do_insn_fetch function in the x86 emulator in the KVM
subsystem tries to interpret instructions that contain too many bytes to be
valid, which allows guest OS users to cause a denial of service (increased
scheduling latency) on the host OS via unspecified manipulations related to SMP
support.


F...

Read the Full Advisory

Severity
critical
Lowest
Low
Medium
High
Critical

Package: kvm

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.