CVE - CVE-2009-1242

CVE-ID
CVE-2009-1242	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The vmx_set_msr function in arch/x86/kvm/vmx.c in the VMX implementation in the KVM subsystem in the Linux kernel before 2.6.29.1 on the i386 platform allows guest OS users to cause a denial of service (OOPS) by setting the EFER_LME (aka "Long mode enable") bit in the Extended Feature Enable Register (EFER) model-specific register, which is specific to the x86_64 platform.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:34331 URL:http://www.securityfocus.com/bid/34331 BUGTRAQ:20090516 rPSA-2009-0084-1 kernel URL:http://www.securityfocus.com/archive/1/503610/100/0/threaded CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=16175a796d061833aacfbd9672235f2d2725df65 CONFIRM:http://patchwork.kernel.org/patch/15549/ CONFIRM:http://wiki.rpath.com/Advisories:rPSA-2009-0084 CONFIRM:http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.29.1 CONFIRM:http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.29-git1.log CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=502109 DEBIAN:DSA-1787 URL:http://www.debian.org/security/2009/dsa-1787 DEBIAN:DSA-1800 URL:http://www.debian.org/security/2009/dsa-1800 FEDORA:FEDORA-2009-5356 URL:https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01126.html MISC:http://vigilance.fr/vulnerability/Linux-kernel-denial-of-service-via-EFER-8585 MISC:http://www.globalsecuritymag.com/Vigil-nce-Linux-kernel-denial-of,20090402,8311 MLIST:[oss-security] 20090401 CVE request: kernel: KVM: VMX: Dont allow uninhibited access to EFER on i386 URL:http://openwall.com/lists/oss-security/2009/04/01/3 SECUNIA:34478 URL:http://secunia.com/advisories/34478 SECUNIA:34981 URL:http://secunia.com/advisories/34981 SECUNIA:35120 URL:http://secunia.com/advisories/35120 SECUNIA:35121 URL:http://secunia.com/advisories/35121 SECUNIA:35226 URL:http://secunia.com/advisories/35226 SECUNIA:35387 URL:http://secunia.com/advisories/35387 SECUNIA:35394 URL:http://secunia.com/advisories/35394 SECUNIA:35656 URL:http://secunia.com/advisories/35656 SUSE:SUSE-SA:2009:031 URL:http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html SUSE:SUSE-SA:2009:032 URL:http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00002.html UBUNTU:USN-793-1 URL:http://www.ubuntu.com/usn/usn-793-1 VUPEN:ADV-2009-0924 URL:http://www.vupen.com/english/advisories/2009/0924 XF:linux-kernel-eferlme-dos(49594) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/49594
Assigning CNA
MITRE Corporation
Date Record Created
20090406	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20090406)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is a record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)