Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2009-2287

Published: 1 July 2009

The kvm_arch_vcpu_ioctl_set_sregs function in the KVM in Linux kernel 2.6 before 2.6.30, when running on x86 systems, does not validate the page table root in a KVM_SET_SREGS call, which allows local users to cause a denial of service (crash or hang) via a crafted cr3 value, which triggers a NULL pointer dereference in the gfn_to_rmap function.

From the Ubuntu Security Team

Matt T. Yourst discovered that KVM did not correctly validate the page table root. A local attacker could exploit this to crash the system, leading to a denial of service.

Notes

AuthorNote
jdstrand
code does not exist in qemu-kvm, and is part of the kernel code

Priority

Medium

Status

Package Release Status
kvm
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy Ignored
(end of life)
intrepid Ignored
(end of life, was needed)
jaunty Ignored
(end of life)
karmic Does not exist

lucid Does not exist

maverick Does not exist

natty Does not exist

upstream
Released (85+dfsg-4)
Patches:
other: http://sourceforge.net/tracker/?func=detail&atid=893831&aid=2687641&group_id=180599

Binaries built from this source package are in Universe and so are supported by the community.
linux
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy
Released (2.6.24-24.57)
intrepid
Released (2.6.27-14.37)
jaunty
Released (2.6.28-14.47)
karmic Not vulnerable
(2.6.31.1.11)
lucid Not vulnerable
(2.6.31.1.11)
maverick Not vulnerable
(2.6.31.1.11)
natty Not vulnerable
(2.6.31.1.11)
upstream
Released (2.6.31~rc1)
Patches:

Introduced by

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Fixed by 59839dfff5eabca01cc4e20b45797a60a80af8cb
linux-ec2
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy Does not exist

intrepid Does not exist

jaunty Does not exist

karmic Not vulnerable
(2.6.31.1.11)
lucid Not vulnerable
(2.6.31.1.11)
maverick Ignored
(end of life)
natty Does not exist

upstream
Released (2.6.31~rc1)
linux-fsl-imx51
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy Does not exist

karmic Not vulnerable

lucid Not vulnerable

maverick Does not exist

natty Does not exist

upstream
Released (2.6.31~rc1)
linux-lts-backport-maverick
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy Does not exist

intrepid Does not exist

jaunty Does not exist

karmic Does not exist

lucid Not vulnerable

maverick Does not exist

natty Does not exist

upstream
Released (2.6.31~rc1)
linux-mvl-dove
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy Does not exist

karmic Ignored
(end of life)
lucid Not vulnerable

maverick Not vulnerable

natty Does not exist

upstream
Released (2.6.31~rc1)
linux-source-2.6.15
Launchpad, Ubuntu, Debian
dapper
Released (2.6.15-54.78)
hardy Does not exist

intrepid Does not exist

jaunty Does not exist

karmic Does not exist

lucid Does not exist

maverick Does not exist

natty Does not exist

upstream
Released (2.6.31~rc1)
linux-ti-omap4
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy Does not exist

karmic Does not exist

lucid Does not exist

maverick Not vulnerable

natty Not vulnerable

upstream
Released (2.6.31~rc1)
qemu-kvm
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy Does not exist

intrepid Does not exist

jaunty Does not exist

karmic Not vulnerable

lucid Not vulnerable

maverick Not vulnerable

natty Not vulnerable

upstream Not vulnerable