Bug 294244

Summary:	Kernel: kvm_vcpu_ioctl_x86_setup_mce() MCE DoS/Privilege Escalation (CVE-2009-4004)
Product:	Gentoo Security	Reporter:	Alex Legler (RETIRED) <a3li>
Component:	Kernel	Assignee:	Gentoo Security <security>
Status:	RESOLVED INVALID
Severity:	normal	CC:	cilly
Priority:	High
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a9e38c3e01ad242fe2a625354cf065c34b01e3aa
Whiteboard:	[linux <2.6.32]
Package list:		Runtime testing required:	---

Description Alex Legler (RETIRED) archtester

2009-11-23 17:38:55 UTC

CVE-2009-4004 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4004):
  Buffer overflow in the kvm_vcpu_ioctl_x86_setup_mce function in
  arch/x86/kvm/x86.c in the KVM subsystem in the Linux kernel before
  2.6.32-rc7 allows local users to cause a denial of service (memory
  corruption) or possibly gain privileges via a KVM_X86_SETUP_MCE IOCTL
  request that specifies a large number of Machine Check Exception
  (MCE) banks.

Comment 1 Bjoern Tropf (RETIRED) gentoo-dev

2009-11-23 17:55:54 UTC

*** Bug 293530 has been marked as a duplicate of this bug. ***

Comment 2 cilly 2009-11-24 15:21:40 UTC

(In reply to comment #1)
> *** Bug 293530 has been marked as a duplicate of this bug. ***
> 

Why did you file a new bugreport and mark Bug 293530 as duplicate which was files already 6 days earlier?

Comment 3 Bjoern Tropf (RETIRED) gentoo-dev

2009-12-07 13:51:36 UTC

Introduced and fixed during 2.6.32 release cycle.

Introduced: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=69def9f05dfce3281bb06599057e6b8097385d39
Fixed: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a9e38c3e01ad242fe2a625354cf065c34b01e3aa