SUSE CVE-2009-2287

The kvmarchvcpuioctlsetsregs function in the KVM in Linux kernel 2.6 before 2.6.30, when running on x86 systems, does not validate the page table root in a KVMSETSREGS call, which allows local users to cause a denial of service crash or hang via a crafted cr3 value, which triggers a NULL pointer...

Debian DSA-1845-1 : linux-2.6 - denial of service, privilege escalation

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-1895 Julien Tinnes and Tavis Ormandy reported an issue in the Linux...

DSA-1846-1 kvm - denial of service

Bulletin has no description...

Linux Kernel kvm_arch_vcpu_ioctl_set_sregs()函数本地拒绝服务漏洞

BUGTRAQ ID: 35529 CVECAN ID: CVE-2009-2287 Linux Kernel是开放源码操作系统Linux所使用的内核。 运行在x86系统上的Linux Kernel的KVM中kvmarchvcpuioctlsetsregs函数没有正确地验证KVMSETSREGS调用中的页表根，本地用户可以通过提交特制的cr3值在gfntormap函数中触发空指针引用，导致受影响的系统崩溃。 Linux kernel 2.6.x 厂商补丁： Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...