Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2009-3722

The handle_dr function in arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 2.6.31.1 does not properly verify the Current Privilege Level (CPL) before accessing a debug register, which allows guest OS users to cause a denial of service (trap) on the host OS via a crafted application.

Related bugs and status

CVE-2009-3722 (Candidate) is related to these bugs:

Bug #395973: Please update kernel to version 2.6.24-26.34 to fix several security vulnerabilities

Summary				In	Importance	Status
	395973	Please update kernel to version 2.6.24-26.34 to fix several security vulnerabilities		The Dell Mini Project	Undecided	Confirmed

See the

CVE page on Mitre.org for more details.

References

MISC: http://www.securityfoc...
MISC: http://www.mandriva.co...
MISC: https://bugzilla.redha...
MISC: http://www.redhat.com/...
MISC: http://www.ubuntu.com/...
MISC: http://marc.info/?l=os...
MISC: http://marc.info/?l=os...
MISC: http://git.kernel.org/...
MISC: http://www.kernel.org/...
MISC: http://www.kernel.org/...
MISC: http://www.kernel.org/...
MISC: https://oval.cisecurit...