blob: 8aa9debdfed856d1dec71bf8dcea0873412e07f5 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
Candidate: CVE-2009-3640
Description:
kvm update_cr8_intercept() null ptr dereference
References:
http://www.openwall.com/lists/oss-security/2009/10/24/1
http://git.kernel.org/linus/88c808fd42b53a7e01a2ac3253ef31fef74cb5af
Notes:
kvm support introduced in 2.6.25
jmm> The 2.6.26 has the code in a different file, in which is was still
jmm> guarded for APIC. I've send Avi an email and he confirmed that
jmm> older kernels are not affected
Bugs:
upstream: released (2.6.32-rc1) [88c808fd42b53a7e01a2ac3253ef31fef74cb5af], released (2.6.31.2) [c3443b436a0767cbc0d4ab405f8fa13fb34bd56c]
linux-2.6: released (2.6.31-1)
2.6.18-etch-security: N/A "no kvm"
2.6.24-etch-security: N/A "no kvm"
2.6.26-lenny-security: N/A
|
