Executive Summary
Summary | |
---|---|
Title | New kvm packages fix several vulnerabilities |
Informations | |||
---|---|---|---|
Name | DSA-1962 | First vendor Publication | 2009-12-23 |
Vendor | Debian | Last vendor Modification | 2009-12-23 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.8 | Attack Range | Network |
Cvss Impact Score | 6.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Several vulnerabilities have been discovered in kvm, a full virtualization system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-3638 It was discovered an Integer overflow in the kvm_dev_ioctl_get_supported_cpuid function. This allows local users to have an unspecified impact via a KVM_GET_SUPPORTED_CPUID request to the kvm_arch_dev_ioctl function. CVE-2009-3722 It was discovered that the handle_dr function in the KVM subsystem does not properly verify the Current Privilege Level (CPL) before accessing a debug register, which allows guest OS users to cause a denial of service (trap) on the host OS via a crafted application. CVE-2009-4031 It was discovered that the do_insn_fetch function in the x86 emulator in the KVM subsystem tries to interpret instructions that contain too many bytes to be valid, which allows guest OS users to cause a denial of service (increased scheduling latency) on the host OS via unspecified manipulations related to SMP support. For the stable distribution (lenny), these problems have been fixed in version 72+dfsg-5~lenny4. For the testing distribution (squeeze), and the unstable distribution (sid), these problems will be fixed soon. We recommend that you upgrade your kvm package. |
Original Source
Url : http://www.debian.org/security/2009/dsa-1962 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
33 % | CWE-264 | Permissions, Privileges, and Access Controls |
33 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
33 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:11089 | |||
Oval ID: | oval:org.mitre.oval:def:11089 | ||
Title: | The do_insn_fetch function in arch/x86/kvm/emulate.c in the x86 emulator in the KVM subsystem in the Linux kernel before 2.6.32-rc8-next-20091125 tries to interpret instructions that contain too many bytes to be valid, which allows guest OS users to cause a denial of service (increased scheduling latency) on the host OS via unspecified manipulations related to SMP support. | ||
Description: | The do_insn_fetch function in arch/x86/kvm/emulate.c in the x86 emulator in the KVM subsystem in the Linux kernel before 2.6.32-rc8-next-20091125 tries to interpret instructions that contain too many bytes to be valid, which allows guest OS users to cause a denial of service (increased scheduling latency) on the host OS via unspecified manipulations related to SMP support. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-4031 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18428 | |||
Oval ID: | oval:org.mitre.oval:def:18428 | ||
Title: | DSA-1962-1 kvm - several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in kvm, a full virtualization system. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1962-1 CVE-2009-3638 CVE-2009-3722 CVE-2009-4031 | Version: | 7 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | kvm |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22916 | |||
Oval ID: | oval:org.mitre.oval:def:22916 | ||
Title: | ELSA-2009:1659: kvm security and bug fix update (Moderate) | ||
Description: | The do_insn_fetch function in arch/x86/kvm/emulate.c in the x86 emulator in the KVM subsystem in the Linux kernel before 2.6.32-rc8-next-20091125 tries to interpret instructions that contain too many bytes to be valid, which allows guest OS users to cause a denial of service (increased scheduling latency) on the host OS via unspecified manipulations related to SMP support. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2009:1659-01 CVE-2009-4031 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | kvm |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6977 | |||
Oval ID: | oval:org.mitre.oval:def:6977 | ||
Title: | DSA-1962 kvm -- several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in kvm, a full virtualization system. The Common Vulnerabilities and Exposures project identifies the following problems: It was discovered an Integer overflow in the kvm_dev_ioctl_get_supported_cpuid function. This allows local users to have an unspecified impact via a KVM_GET_SUPPORTED_CPUID request to the kvm_arch_dev_ioctl function. It was discovered that the handle_dr function in the KVM subsystem does not properly verify the Current Privilege Level before accessing a debug register, which allows guest OS users to cause a denial of service on the host OS via a crafted application. It was discovered that the do_insn_fetch function in the x86 emulator in the KVM subsystem tries to interpret instructions that contain too many bytes to be valid, which allows guest OS users to cause a denial of service on the host OS via unspecified manipulations related to SMP support. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1962 CVE-2009-3638 CVE-2009-3722 CVE-2009-4031 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | kvm |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9892 | |||
Oval ID: | oval:org.mitre.oval:def:9892 | ||
Title: | The handle_dr function in arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 2.6.31.1 does not properly verify the Current Privilege Level (CPL) before accessing a debug register, which allows guest OS users to cause a denial of service (trap) on the host OS via a crafted application. | ||
Description: | The handle_dr function in arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 2.6.31.1 does not properly verify the Current Privilege Level (CPL) before accessing a debug register, which allows guest OS users to cause a denial of service (trap) on the host OS via a crafted application. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3722 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2010-10-19 | Name : Mandriva Update for kernel MDVSA-2010:198 (kernel) File : nvt/gb_mandriva_MDVSA_2010_198.nasl |
2010-09-27 | Name : Mandriva Update for kernel MDVSA-2010:188 (kernel) File : nvt/gb_mandriva_MDVSA_2010_188.nasl |
2010-03-02 | Name : Fedora Update for kernel FEDORA-2010-0919 File : nvt/gb_fedora_2010_0919_kernel_fc11.nasl |
2010-03-02 | Name : Fedora Update for kernel FEDORA-2010-1500 File : nvt/gb_fedora_2010_1500_kernel_fc11.nasl |
2010-03-02 | Name : Fedora Update for kernel FEDORA-2010-1804 File : nvt/gb_fedora_2010_1804_kernel_fc11.nasl |
2010-02-08 | Name : Ubuntu Update for Linux kernel vulnerabilities USN-894-1 File : nvt/gb_ubuntu_USN_894_1.nasl |
2009-12-30 | Name : Fedora Core 11 FEDORA-2009-13694 (kernel) File : nvt/fcore_2009_13694.nasl |
2009-12-30 | Name : CentOS Security Advisory CESA-2009:1659 (kvm) File : nvt/ovcesa2009_1659.nasl |
2009-12-14 | Name : RedHat Security Advisory RHSA-2009:1659 File : nvt/RHSA_2009_1659.nasl |
2009-12-14 | Name : Fedora Core 10 FEDORA-2009-13098 (kernel) File : nvt/fcore_2009_13098.nasl |
2009-12-10 | Name : Fedora Core 11 FEDORA-2009-12786 (kernel) File : nvt/fcore_2009_12786.nasl |
2009-11-23 | Name : Mandriva Security Advisory MDVSA-2009:301 (kernel) File : nvt/mdksa_2009_301.nasl |
2009-11-23 | Name : SLES11: Security update for KVM File : nvt/sles11_kvm0.nasl |
2009-11-11 | Name : Debian Security Advisory DSA 1927-1 (linux-2.6) File : nvt/deb_1927_1.nasl |
2009-11-11 | Name : Fedora Core 11 FEDORA-2009-11032 (kernel) File : nvt/fcore_2009_11032.nasl |
2009-11-11 | Name : Fedora Core 10 FEDORA-2009-11038 (kernel) File : nvt/fcore_2009_11038.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
60559 | Linux Kernel KVM Subsystem x86 Emulator arch/x86/kvm/emulate.c do_insn_fetch ... |
59477 | Linux Kernel KVM Subsystem arch/x86/kvm/vmx.c handle_dr Function CPL Verifica... |
59475 | Linux Kernel KVM Subsystem arch/x86/kvm/x86.c kvm_dev_ioctl_get_supported_cpu... |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0126.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1659.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0126.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1659.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100301_kvm_on_SL5_4.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20091209_kvm_on_SL5_4.nasl - Type : ACT_GATHER_INFO |
2010-10-08 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-198.nasl - Type : ACT_GATHER_INFO |
2010-09-24 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-188.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-329.nasl - Type : ACT_GATHER_INFO |
2010-03-23 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_kernel-100317.nasl - Type : ACT_GATHER_INFO |
2010-03-04 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0126.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1962.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1927.nasl - Type : ACT_GATHER_INFO |
2010-02-05 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-894-1.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1659.nasl - Type : ACT_GATHER_INFO |
2009-12-14 | Name : The remote Fedora host is missing a security update. File : fedora_2009-13098.nasl - Type : ACT_GATHER_INFO |
2009-12-07 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-864-1.nasl - Type : ACT_GATHER_INFO |
2009-11-23 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_kvm-091113.nasl - Type : ACT_GATHER_INFO |
2009-11-23 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_kvm-091113.nasl - Type : ACT_GATHER_INFO |
2009-11-23 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kvm-091116.nasl - Type : ACT_GATHER_INFO |
2009-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2009-11038.nasl - Type : ACT_GATHER_INFO |
2009-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2009-11032.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:29:07 |
|