Candidate: CVE-2009-3640
Description:
 kvm update_cr8_intercept() null ptr dereference
References:
 http://www.openwall.com/lists/oss-security/2009/10/24/1
 http://git.kernel.org/linus/88c808fd42b53a7e01a2ac3253ef31fef74cb5af
Notes:
 kvm support introduced in 2.6.25
 jmm> The 2.6.26 has the code in a different file, in which is was still
 jmm> guarded for APIC. I've send Avi an email and he confirmed that
 jmm> older kernels are not affected
Bugs:
upstream: released (2.6.32-rc1) [88c808fd42b53a7e01a2ac3253ef31fef74cb5af], released (2.6.31.2) [c3443b436a0767cbc0d4ab405f8fa13fb34bd56c]
linux-2.6: released (2.6.31-1)
2.6.18-etch-security: N/A "no kvm"
2.6.24-etch-security: N/A "no kvm"
2.6.26-lenny-security: N/A