PT-2009-6198 · Linux · Linux Kernel

Published: 2009-11-20 · Updated: 2020-08-12 · CVE-2009-4004

CVSS v2.0: 7.2 (High)

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 2.6.32-rc7

Description

The issue is a buffer overflow in the `kvm_vcpu_ioctl_x86_setup_mce` function, which can cause memory corruption or potentially allow local users to gain privileges. It is triggered by a `KVM_X86_SETUP_MCE` ioctl request that specifies a large number of Machine Check Exception (MCE) banks.

Recommendations

For Linux kernel versions prior to 2.6.32-rc7, update to version 2.6.32-rc7 or later to resolve the issue.
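
A user-space model of the bound that the description says was missing, added here as an example and not taken from the kernel source or from this advisory. The names, the 32-bank capacity, the four registers per bank and the bank count carried in the low byte of the capability word are assumptions of the model.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Assumptions of this model, not values taken from the advisory. */
#define MODEL_MAX_BANKS 32u      /* banks the per-vCPU array can hold */
#define MODEL_REGS_PER_BANK 4u   /* 64-bit registers stored per bank */
struct vcpu_model {
    uint64_t mcg_cap;
    uint64_t *mce_banks;         /* MODEL_MAX_BANKS * MODEL_REGS_PER_BANK slots */
};

/* Allocate the fixed-size, zeroed bank array. Returns 0 or -ENOMEM. */
int vcpu_model_init(struct vcpu_model *v)
{
    v->mcg_cap = 0;
    v->mce_banks = calloc(MODEL_MAX_BANKS * MODEL_REGS_PER_BANK, sizeof(uint64_t));
    return v->mce_banks ? 0 : -ENOMEM;
}

/* How many requested banks fall outside the array (0 means the request fits). */
unsigned banks_out_of_range(uint64_t mcg_cap)
{
    unsigned n = (unsigned)(mcg_cap & 0xff);   /* caller-supplied bank count */
    return n > MODEL_MAX_BANKS ? n - MODEL_MAX_BANKS : 0;
}

/* Setup with the bound enforced before any write to the array. */
int setup_mce_checked(struct vcpu_model *v, uint64_t mcg_cap)
{
    unsigned bank, n = (unsigned)(mcg_cap & 0xff);
    if (n == 0 || n > MODEL_MAX_BANKS)
        return -EINVAL;          /* reject instead of writing past the end */
    v->mcg_cap = mcg_cap;
    for (bank = 0; bank < n; bank++)  /* first register of each bank = all ones */
        v->mce_banks[bank * MODEL_REGS_PER_BANK] = ~(uint64_t)0;
    return 0;
}

int main(void)
{
    struct vcpu_model v;
    if (vcpu_model_init(&v)) return 1;
    printf("10 banks  -> %d\n", setup_mce_checked(&v, 10));
    printf("255 banks -> %d (%u out of range)\n", setup_mce_checked(&v, 0xff), banks_out_of_range(0xff));
    free(v.mce_banks);
    return 0;
}
```

Without the count check, the loop would index the array with a caller-controlled bank number; with it, an oversized request fails with `-EINVAL` and the array is never touched.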

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2009-4004

Affected Products

Linux Kernel