Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2009-3290

The kvm_emulate_hypercall function in arch/x86/kvm/x86.c in KVM in the Linux kernel 2.6.25-rc1, and other versions before 2.6.31, when running on x86 systems, does not prevent access to MMU hypercalls from ring 0, which allows local guest OS users to cause a denial of service (guest kernel crash) and read or write guest kernel memory via unspecified "random addresses."

Related bugs and status

CVE-2009-3290 (Candidate) is related to these bugs:

Bug #395973: Please update kernel to version 2.6.24-26.34 to fix several security vulnerabilities

Summary				In	Importance	Status
	395973	Please update kernel to version 2.6.24-26.34 to fix several security vulnerabilities		The Dell Mini Project	Undecided	Confirmed

See the

CVE page on Mitre.org for more details.

References

MLIST: [oss-security] 2009091...
MLIST: [oss-security] 2009092...
CONFIRM: http://git.kernel.org/...
CONFIRM: http://patchwork.kerne...
CONFIRM: https://bugzilla.redha...
MLIST: [oss-security] 2009092...
REDHAT: RHSA-2009:1465
UBUNTU: USN-852-1
SECUNIA: 37105
OVAL: oval:org.mitre.oval:de...