The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

computer vulnerability CVE-2009-1242

Linux kernel: denial of service via EFER

Synthesis of the vulnerability

On an x86 virtualized computer, a local attacker can use EFER to stop the system.
Impacted systems: Debian, Linux, openSUSE, SLES.
Severity of this alert: 1/4.
Consequences of an intrusion: denial of service on server.
Pirate's origin: user shell.
Creation date: 01/04/2009.
Références of this alert: BID-34331, CERTA-2002-AVI-235, CVE-2009-1242, DSA-1787-1, DSA-1800-1, SUSE-SA:2009:031, SUSE-SA:2009:032, VIGILANCE-VUL-8585.

Description of the vulnerability

An x86 processor supports VMX (Virtual Machine Extensions).

The vmx_set_msr() function of the arch/x86/kvm/vmx.c file sets MSR (Model Specific Registers):
 - MSR_EFER : extended feature
 - MSR_STAR : legacy mode syscall target
 - etc.

The EFER MSR is specific to x64 processors. However, in a i386 virtual machine, the vmx_set_msr() function tries to set it, which panics the kernel.

On an x86 virtualized computer, a local attacker can therefore use EFER to stop the system.
Full Vigil@nce bulletin... (Free trial)

Computer vulnerabilities tracking service

Vigil@nce provides a software vulnerabilities bulletin. The Vigil@nce vulnerability database contains several thousand vulnerabilities. The technology watch team tracks security threats targeting the computer system. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.