KVM virtio-net Driver TCP Processing Bug Lets Remote Users Deny Service
|
|
SecurityTracker Alert ID: 1023798 |
|
SecurityTracker URL: http://securitytracker.com/id/1023798
|
|
CVE Reference:
CVE-2010-0741
(Links to External Site)
|
Date: Mar 31 2010
|
Impact:
Denial of service via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
|
Description:
A vulnerability was reported in KVM. A remote user can cause denial of service conditions.
The Linux virtio-net driver does not properly implement TCP segment offloading (TSO) processing. A remote user can send specially crafted data to a certain KVM process on the target system to cause the target guest to crash.
|
Impact:
A remote user can cause the target guest operating system to crash.
|
Solution:
The vendor has issued a fix, available at:
https://patchwork.kernel.org/patch/56479/
|
Vendor URL: linux-kvm.org/ (Links to External Site)
|
Cause:
State error
|
Underlying OS:
Linux (Any)
|
|
Message History:
This archive entry has one or more follow-up message(s) listed below.
|
Source Message Contents
|
Date: Wed, 31 Mar 2010 06:34:01 +0000
Subject: KVM
|
https://patchwork.kernel.org/patch/56479/
CVE-2010-0741
|
|
