SecurityTracker.com
Category:   Application (Generic)  >   KVM
Vendors:   kvm.qumranet.com
KVM Missing Privilege Check in kvm_emulate_hypercall() May Let Local Users Gain Elevated Privileges
SecurityTracker Alert ID:  1022956
SecurityTracker URL:  http://securitytracker.com/id/1022956
CVE Reference:   CVE-2009-3290
Date:  Sep 29 2009
Impact:   Denial of service via local system, User access via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   A vulnerability was reported in KVM. A local user on the guest operating system can cause denial of service conditions or potentially obtain elevated privileges on the guest operating system.

The kvm_emulate_hypercall() function does not properly check for the Current Privilege Level (CPL). A local user on the guest operating system can issue MMU hypercalls and pass random addresses to the kernel to cause the guest operating system to crash.

Linux kernel versions from 2.6.25-rc1 up to, but not including, 2.6.31 are affected.
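
The missing CPL check described above, shown as a simplified model with the unchecked dispatcher beside a checked one. This is an added example, not KVM source code or the vendor's patch; the structure, function names and hypercall numbers are hypothetical.

```c
#include <errno.h>
#include <stdint.h>

/* Simplified model, not kernel code: every name below is hypothetical. */
enum { HC_POLL_IRQ = 1, HC_MMU_OP = 2 };  /* constructed hypercall numbers */

struct vcpu_model {
    unsigned cpl;          /* guest Current Privilege Level: 0 = kernel, 3 = user */
    unsigned mmu_ops_run;  /* number of privileged MMU operations performed */
};

/* Stand-in for the privileged MMU operation. The handler trusts the
 * guest-supplied address, so only guest ring 0 should be able to reach it. */
static long do_mmu_op(struct vcpu_model *v, uint64_t guest_addr)
{
    (void)guest_addr;
    v->mmu_ops_run++;
    return 0;
}

/* Before: dispatches on the hypercall number without looking at the CPL,
 * so guest user-mode code reaches the MMU operation. */
long emulate_hypercall_unchecked(struct vcpu_model *v, unsigned nr, uint64_t a0)
{
    switch (nr) {
    case HC_POLL_IRQ:
        return 0;
    case HC_MMU_OP:
        return do_mmu_op(v, a0);
    default:
        return -ENOSYS;
    }
}

/* After: refuses any hypercall that was not issued from guest ring 0,
 * then dispatches as before. */
long emulate_hypercall_checked(struct vcpu_model *v, unsigned nr, uint64_t a0)
{
    if (v->cpl != 0)
        return -EPERM;
    return emulate_hypercall_unchecked(v, nr, a0);
}
```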

Impact:   A local user on the guest operating system may be able to obtain elevated privileges on the target guest operating system.

A local user on the guest operating system can cause denial of service conditions on the target guest operating system.

Solution:   The vendor has issued a fix, available at:

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=07708c4af1346ab1521b26a202f438366b7bcffd

Vendor URL:  linux-kvm.org/
Cause:   Access control error
Underlying OS:  Linux (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Sep 29 2009 (Red Hat Issues Fix) KVM Missing Privilege Check in kvm_emulate_hypercall() May Let Local Users Gain Elevated Privileges
Red Hat has released a fix for Red Hat Enterprise Linux 5.


