CVE-2009-4031

Linux kernel <2.6.32-rc8-next - DoS

Title source: llm
STIX 2.1

Description

The do_insn_fetch function in arch/x86/kvm/emulate.c in the x86 emulator in the KVM subsystem in the Linux kernel before 2.6.32-rc8-next-20091125 tries to interpret instructions that contain too many bytes to be valid, which allows guest OS users to cause a denial of service (increased scheduling latency) on the host OS via unspecified manipulations related to SMP support.

References (10)

Core 10
Core References
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2009/11/25/1
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/37720
Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00006.html
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2009/11/25/3
Third Party Advisory vendor-advisory x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00777.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/37130
Issue Tracking, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=541160

Scores

EPSS 0.0311
EPSS Percentile 86.3%

Details

CWE
CWE-20
Status published
Products (2)
linux/linux_kernel 2.6.32 (8 CPE variants)
linux/linux_kernel < 2.6.32
Published Nov 29, 2009
Tracked Since Feb 18, 2026