SciLinux: CVE-2009-3722 Important: kvm SL5.4 x86_64
Summary
A flaw was found in the way the x86 emulator loaded segment selectors(used for memory segmentation and protection) into segment registers. Insome guest system configurations, an unprivileged guest user couldleverage this flaw to crash the guest or possibly escalate theirprivileges within the guest. (CVE-2010-0419)The x86 emulator implementation was missing a check for the CurrentPrivilege Level (CPL) while accessing debug registers. An unprivilegeduser in a guest could leverage this flaw to crash the guest.(CVE-2009-3722)This update also fixes the following bugs:The return values of the bdrv_aio_write() and bdrv_aio_read() functionswere ignored. If an immediate failure occurred in one of thesefunctions, errors would be missed and the guest could hang or readcorrupted data. (BZ#562776)The following procedure must be performed before this update will takeeffect:1) Stop all KVM guest virtual machines.2) Either reboot the hypervisor machine or, as the root user, remove(using "modprobe -r [module]") and reload (using "modprobe [module]")all of the following modules which are currently running (determinedusing "lsmod"): kvm, ksm, kvm-intel or kvm-amd.3) Restart the KVM guest virtual machines.SL 5.xSRPMS:kvm-83-105.el5_4.27.src.rpmx86_64:kmod-kvm-83-105.el5_4.27.x86_64.rpmkvm-83-105.el5_4.27.x86_64.rpmkvm-qemu-img-83-105.el5_4.27.x86_64.rpmkvm-tools-83-105.el5_4.27.x86_64.rpm-Connie Sieh-Troy Dawson