CVE-2009-1242

Linux Kernel < 2.6.29.1 - Denial of Service via EFER_LME Bit in VMX Implementation

Title source: llm
STIX 2.1

Description

The vmx_set_msr function in arch/x86/kvm/vmx.c in the VMX implementation in the KVM subsystem in the Linux kernel before 2.6.29.1 on the i386 platform allows guest OS users to cause a denial of service (OOPS) by setting the EFER_LME (aka "Long mode enable") bit in the Extended Feature Enable Register (EFER) model-specific register, which is specific to the x86_64 platform.

References (27)

Core 27
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/49594
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/35226
Patch, Vendor Advisory x_refsource_confirm
http://patchwork.kernel.org/patch/15549/
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/34478
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/34331
Third Party Advisory vendor-advisory x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01126.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00002.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/35656
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/503610/100/0/threaded
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/35120
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/usn-793-1
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/34981
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2009/dsa-1800
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/35387
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2009/dsa-1787
Broken Link x_refsource_confirm
http://wiki.rpath.com/Advisories:rPSA-2009-0084
Mailing List, Patch, Third Party Advisory mailing-list x_refsource_mlist
http://openwall.com/lists/oss-security/2009/04/01/3
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/35121
Broken Link vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2009/0924
Issue Tracking, Patch, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=502109
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/35394

Scores

EPSS 0.0047
EPSS Percentile 37.7%

Details

CWE
CWE-20
Status published
Products (10)
canonical/ubuntu_linux 6.06
canonical/ubuntu_linux 8.04
canonical/ubuntu_linux 8.10
canonical/ubuntu_linux 9.04
debian/debian_linux 4.0
debian/debian_linux 5.0
fedoraproject/fedora 10
linux/linux_kernel < 2.6.29.1
opensuse/opensuse 11.0
opensuse/opensuse 11.1
Published Apr 06, 2009
Tracked Since Feb 18, 2026