CVE-2009-4031

Description

The do_insn_fetch function in arch/x86/kvm/emulate.c in the x86 emulator in the KVM subsystem in the Linux kernel before 2.6.32-rc8-next-20091125 tries to interpret instructions that contain too many bytes to be valid, which allows guest OS users to cause a denial of service (increased scheduling latency) on the host OS via unspecified manipulations related to SMP support.

CVSS Metrics

• v2.0•HIGH•Score: 7.8AV:N/AC:L/Au:N/C:N/I:N/A:C

EPSS Trends

Current EPSS score: 2.11%• Percentile: 84%

Techniques & Countermeasures

• CWE-20•Improper Input Validation

  The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Affected Systems

• linux•linux_kernel

  < 2.6.32 | 2.6.32 | 2.6.32:rc1 | 2.6.32:rc2 | 2.6.32:rc3 | 2.6.32:rc4 | 2.6.32:rc5 | 2.6.32:rc6 | 2.6.32:rc7

References (10)

• http://www.openwall.com/lists/oss-security/2009/11/25/1
• http://secunia.com/advisories/37720
• http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00006.html
• http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.32-rc8-next-20091125.gz
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11089
• http://www.openwall.com/lists/oss-security/2009/11/25/3
• https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00777.html
• http://git.kernel.org/?p=linux/kernel/git/avi/kvm.git%3Ba=commit%3Bh=e42d9b8141d1f54ff72ad3850bb110c95a5f3b88
• http://www.securityfocus.com/bid/37130
• https://bugzilla.redhat.com/show_bug.cgi?id=541160