You are here

CVE-2009-3722

Vincent (CVE) Danen's picture
The handle_dr function in arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 2.6.31.1 does not properly verify the Current Privilege Level (CPL) before accessing a debug register, which allows guest OS users to cause a denial of service (trap) on the host OS via a crafted application.

Details Source

Mitre

Statement

Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-3722

The Red Hat Security Response Team has rated this issue as having moderate security impact, a future update will address this flaw.

Public Date

2009-09-10 00:00:00

Impact

Moderate

Bugzilla

CVE-2009-3722 KVM: Check cpl before emulating debug register access

Bugzilla ID

531 660

CVSS Status

verified

Base Score

4.90

Base Metrics

AV:L/AC:L/Au:N/C:N/I:N/A:C

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux Virtualization 5 (kvm) RHSA-2010:0126 2010-03-01
Red Hat Enterprise Virtualization Hypervisor 5 (rhev-hypervisor) RHSA-2010:0172 2010-03-24