4.9

CVE-2009-2287

The kvm_arch_vcpu_ioctl_set_sregs function in the KVM in Linux kernel 2.6 before 2.6.30, when running on x86 systems, does not validate the page table root in a KVM_SET_SREGS call, which allows local users to cause a denial of service (crash or hang) via a crafted cr3 value, which triggers a NULL pointer dereference in the gfn_to_rmap function.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.0 < 2.6.30
CanonicalUbuntu Linux Version6.06
CanonicalUbuntu Linux Version8.04
CanonicalUbuntu Linux Version8.10
CanonicalUbuntu Linux Version9.04
DebianDebian Linux Version4.0
DebianDebian Linux Version5.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.4% 0.314
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.9 3.9 6.9
AV:L/AC:L/Au:N/C:N/I:N/A:C
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

http://secunia.com/advisories/36045
Broken Link
http://www.ubuntu.com/usn/usn-807-1
Third Party Advisory
http://git.kernel.org/?p=linux/kernel/git/stable/stable-queue.git%3Ba=blob%3Bf=queue-2.6.30/kvm-x86-check-for-cr3-validity-in-ioctl_set_sregs.patch%3Bh=b48a47dad2cf76358b327368f80c0805e6370c68%3Bhb=e7c45b24f298b5d9efd7d401150f64a1b51aaac4
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=59839dfff5eabca01cc4e20b45797a60a80af8cb
http://secunia.com/advisories/35675
Broken Link
http://secunia.com/advisories/36054
Broken Link
http://sourceforge.net/tracker/?func=detail&atid=893831&aid=2687641&group_id=180599
Third Party Advisory
http://www.debian.org/security/2009/dsa-1845
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2010:198
Broken Link
http://www.openwall.com/lists/oss-security/2009/06/30/1
Patch
Third Party Advisory
Mailing List