DSA-1962 kvm -- several vulnerabilitiesID: oval:org.secpod.oval:def:600322 | Date: (C)2011-05-13 (M)2024-02-19 |
Class: PATCH | Family: unix |
Several vulnerabilities have been discovered in kvm, a full virtualization system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-3638 It was discovered an Integer overflow in the kvm_dev_ioctl_get_supported_cpuid function. This allows local users to have an unspecified impact via a KVM_GET_SUPPORTED_CPUID request to the kvm_arch_dev_ioctl function. CVE-2009-3722 It was discovered that the handle_dr function in the KVM subsystem does not properly verify the Current Privilege Level before accessing a debug register, which allows guest OS users to cause a denial of service on the host OS via a crafted application. CVE-2009-4031 It was discovered that the do_insn_fetch function in the x86 emulator in the KVM subsystem tries to interpret instructions that contain too many bytes to be valid, which allows guest OS users to cause a denial of service on the host OS via unspecified manipulations related to SMP support. For the stable distribution , these problems have been fixed in version 72+dfsg-5~lenny4. For the testing distribution , and the unstable distribution , these problems will be fixed soon. We recommend that you upgrade your kvm package.