The do_insn_fetch function in arch/x86/kvm/emulate.c in the x86 emulator in the KVM subsystem in the Linux kernel before 2.6.32-rc8-next-20091125 tries to interpret instructions that contain too many bytes to be valid, which allows guest OS users to cause a denial of service (increased scheduling latency) on the host OS via unspecified manipulations related to SMP support.
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
| Link | Tags |
|---|---|
| http://www.openwall.com/lists/oss-security/2009/11/25/1 | third party advisory mailing list |
| http://secunia.com/advisories/37720 | third party advisory |
| http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00006.html | third party advisory vendor advisory |
| http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.32-rc8-next-20091125.gz | patch vendor advisory |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11089 | vdb entry third party advisory signature |
| http://www.openwall.com/lists/oss-security/2009/11/25/3 | third party advisory mailing list |
| https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00777.html | third party advisory vendor advisory |
| http://git.kernel.org/?p=linux/kernel/git/avi/kvm.git%3Ba=commit%3Bh=e42d9b8141d1f54ff72ad3850bb110c95a5f3b88 | |
| http://www.securityfocus.com/bid/37130 | vdb entry third party advisory |
| https://bugzilla.redhat.com/show_bug.cgi?id=541160 | issue tracking third party advisory |