Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 265169 (CVE-2009-1242)

Summary: Kernel: <2.6.29.1 KVM vmx_set_msr DOS (CVE-2009-1242)
Product: Gentoo Security Reporter: Stefan Behte (RETIRED) <craig>
Component: KernelAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: hardened-kernel+disabled, kernel
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=16175a796d061833aacfbd9672235f2d2725df65
Whiteboard: [linux >= 2.6.20 < 2.6.29.1] [gp <2.6.29-2]
Package list:
Runtime testing required: ---

Description Stefan Behte (RETIRED) gentoo-dev Security 2009-04-06 22:32:08 UTC 
CVE-2009-1242 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1242):
  The vmx_set_msr function in arch/x86/kvm/vmx.c in the VMX
  implementation in the KVM subsystem in the Linux kernel before
  2.6.29.1 on the i386 platform allows guest OS users to cause a denial
  of service (OOPS) by setting the EFER_LME (aka "Long mode enable")
  bit in the Extended Feature Enable Register (EFER) model-specific
  register, which is specific to the x86_64 platform.
Comment 1 solar (RETIRED) gentoo-dev 2009-04-06 23:18:15 UTC 
security team, please try to make note of this. All bugs related to the "kernel" of 'hardened' should be assigned to 'hardened-kernel' vs 'hardened' 
Thanks in advance.