Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:19333
HistoryMar 24, 2010 - 12:00 a.m.

Linux kernel 2.6.x KVM超大SMP指令本地拒绝服务漏洞

2010-03-2400:00:00
Root
www.seebug.org
34

0.002 Low

EPSS

Percentile

61.0%

JSON

BUGTRAQ ID: 37130
CVE ID: CVE-2009-4031

Linux Kernel是开放源码操作系统Linux所使用的内核。

在x86平台上,x86模拟器上的arch/x86/kvm/emulate.c文件的do_insn_fetch()函数没有限制每次指令可获取的指令字节数。guest操作系统中的用户可以利用这个漏洞在SMP主机上造成很大的延迟,导致主机操作系统上本地拒绝服务。

Linux kernel 2.6.x
厂商补丁:

Linux

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://git.kernel.org/?p=linux/kernel/git/avi/kvm.git;a=commit;h=e42d9b8141d1f54ff72ad3850bb110c95a5f3b88

RedHat

RedHat已经为此发布了一个安全公告(RHSA-2009:1692-01)以及相应补丁:
RHSA-2009:1692-01:Important: rhev-hypervisor security and bug fix update
链接:https://www.redhat.com/support/errata/RHSA-2009-1692.html

Related

centos 1
openvas 10
nessus 8
prion 1
redhat 2
cve 1
oraclelinux 2
ubuntucve 1
osv 1
debian 1
securityvulns 2
suse 1
ubuntu 1
fedora 1
centos
centos
kmod, kvm security update
2009-12-18 01:52:42
openvas
openvas
CentOS Security Advisory CESA-2009:1659 (kvm)
2009-12-30 00:00:00
CentOS Security Advisory CESA-2009:1659 (kvm)
2009-12-30 00:00:00
RedHat Security Advisory RHSA-2009:1659
2009-12-14 00:00:00
nessus
nessus
Oracle Linux 5 : kvm (ELSA-2009-1659)
2013-07-12 00:00:00
CentOS 5 : kvm (CESA-2009:1659)
2010-01-06 00:00:00
Scientific Linux Security Update : kvm on SL5.4 x86_64
2012-08-01 00:00:00
prion
prion
Design/Logic Flaw
2009-11-29 13:07:00
redhat
redhat
(RHSA-2009:1659) Moderate: kvm security and bug fix update
2009-12-09 00:00:00
(RHSA-2009:1692) Important: rhev-hypervisor security and bug fix update
2009-12-23 00:00:00
cve
cve
CVE-2009-4031
2009-11-29 13:07:00
oraclelinux
oraclelinux
kvm security and bug fix update
2009-12-09 00:00:00
kvm security, bug fix and enhancement update
2010-04-05 00:00:00
ubuntucve
ubuntucve
CVE-2009-4031
2009-11-29 00:00:00
osv
osv
kvm - several vulnerabilities
2009-12-23 00:00:00
debian
debian
[SECURITY] [DSA-1962-1] New kvm packages fix several vulnerabilities
2009-12-23 11:54:01
securityvulns
securityvulns
[SECURITY] [DSA-1962-1] New kvm packages fix several vulnerabilities
2009-12-23 00:00:00
kvm virtualization multiple security vulnerabilities
2009-12-23 00:00:00
suse
suse
local privilege escalation, local information in kernel
2010-03-22 16:33:19
ubuntu
ubuntu
Linux kernel vulnerabilities
2010-02-05 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: kernel-2.6.27.41-170.2.117.fc10
2009-12-11 18:26:18

0.002 Low

EPSS

Percentile

61.0%

JSON
Related for SSV:19333
centos1openvas10nessus8prion1redhat2cve1oraclelinux2ubuntucve1osv1debian1securityvulns2suse1ubuntu1fedora1