CVE-2009-4004 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4004): Buffer overflow in the kvm_vcpu_ioctl_x86_setup_mce function in arch/x86/kvm/x86.c in the KVM subsystem in the Linux kernel before 2.6.32-rc7 allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a KVM_X86_SETUP_MCE IOCTL request that specifies a large number of Machine Check Exception (MCE) banks.
*** Bug 293530 has been marked as a duplicate of this bug. ***
(In reply to comment #1) > *** Bug 293530 has been marked as a duplicate of this bug. *** > Why did you file a new bugreport and mark Bug 293530 as duplicate which was files already 6 days earlier?
Introduced and fixed during 2.6.32 release cycle. Introduced: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=69def9f05dfce3281bb06599057e6b8097385d39 Fixed: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a9e38c3e01ad242fe2a625354cf065c34b01e3aa