Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 6 Nov 2012 19:30:40 +0100
From: Petr Matousek <pmatouse@...hat.com>
To: oss-security@...ts.openwall.com
Subject: CVE-2012-4461 -- kernel: kvm: invalid opcode oops on SET_SREGS with
 OSXSAVE bit set

A flaw has been found in the way Linux kernel's KVM subsystem handled
vcpu->arch.cr4 X86_CR4_OSXSAVE bit set upon guest enter. On hosts
without the XSAVE feature and using qemu userspace an unprivileged
local user could use this flaw to crash the system.

Acknowledgements:

Red Hat would like to thank Jon Howell for reporting this issue.

Proposed upstream fix:
http://article.gmane.org/gmane.comp.emulators.kvm.devel/100742

References:
https://bugzilla.redhat.com/show_bug.cgi?id=862900
http://article.gmane.org/gmane.comp.emulators.kvm.devel/100742

Thanks,
-- 
Petr Matousek / Red Hat Security Response Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ