Synthesis of the vulnerability 
On an x86 virtualized computer, a local attacker can use EFER to stop the system.
Impacted systems: Debian, Kernel Linux, openSUSE, SLES.
Severity of this alert: 1/4.
Creation date: 01/04/2009.
References of this alert: BID-34331, CERTA-2002-AVI-235, CVE-2009-1242, VIGILANCE-VUL-8585.
Description of the vulnerability 
An x86 processor supports VMX (Virtual Machine Extensions).
The vmx_set_msr() function of the arch/x86/kvm/vmx.c file sets MSRs (Model Specific Registers):
- MSR_EFER : extended feature
- MSR_STAR : legacy mode syscall target
- etc.
The EFER MSR is specific to x64 processors. However, in an i386 virtual machine, the vmx_set_msr() function still tries to set it, which panics the kernel.
On an x86 virtualized computer, a local attacker can therefore use EFER to stop the system.
This computer threat announcement impacts software or systems such as Debian, Kernel Linux, openSUSE, SLES.
Our Vigilance Computer Vulnerability Alerts team determined that the severity of this computer vulnerability is low.
The trust level is "confirmed by the editor", and the attack origin is a user shell.
An attacker with expert ability can exploit this vulnerability.
Solutions for this threat 
Linux kernel: version 2.6.30.
Version 2.6.30 is corrected:
ftp://ftp.kernel.org/pub/linux/kernel/v2.6/
Linux kernel: version 2.6.29.1.
Version 2.6.29.1 is corrected:
http://www.kernel.org/pub/linux/kernel/v2.6/
Linux kernel: patch for EFER.
A patch is available in information sources.
Debian 4: new linux-2.6.24 packages.
New packages are available:
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-*-2.6.24_2.6.24-6~etchnhalf.8etch1_*.deb
Debian 5: new linux-2.6 packages.
New packages are available:
http://security.debian.org/pool/updates/main/l/linux-2.6/*-2.6.26_2.6.26-15lenny2_*.deb
openSUSE 11.0: new kernel packages.
New packages are available:
http://download.opensuse.org/update/11.0/rpm/*/kernel-*-2.6.25.20-0.4.*.rpm
openSUSE 11.1, SLE 11: new kernel packages.
New packages are available.
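A triage helper for the fixes listed above, added here as an example and not part of the advisory or of any vendor tooling. It assumes that exposure requires a 32-bit x86 kernel with the kvm_intel (VMX) module loaded, and it treats only the upstream versions named above (2.6.29.1, 2.6.30) as fixed by version number. The function names and result strings are illustrative.

```shell
#!/bin/sh
# Added example (not from the advisory): triage a host for CVE-2009-1242.
# Assumption: exposure needs a 32-bit x86 kernel with kvm_intel loaded.

# ver_ge A B: true when dotted numeric version A >= B (missing fields = 0).
ver_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, "."); nb = split(b, y, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            if (x[i] + 0 > y[i] + 0) exit 0
            if (x[i] + 0 < y[i] + 0) exit 1
        }
        exit 0
    }'
}

# efer_triage ARCH KERNEL_RELEASE KVM_INTEL_LOADED(yes|no)
efer_triage() {
    arch=$1 release=$2 loaded=$3
    case $arch in
        i?86) ;;                              # 32-bit x86: the case described above
        *) echo "not-applicable"; return 0 ;;
    esac
    [ "$loaded" = yes ] || { echo "kvm-vmx-not-loaded"; return 0; }
    case $release in
        # Pre-release builds cannot be judged by number: verify by hand.
        *-rc*) echo "check-distro-package"; return 0 ;;
    esac
    upstream=${release%%[!0-9.]*}             # "2.6.26-2-686" -> "2.6.26"
    if ver_ge "$upstream" 2.6.29.1; then
        echo "fixed-upstream"                 # 2.6.29.1 and 2.6.30 are corrected
    else
        # Debian/openSUSE fixes are backports that keep an older upstream
        # number, so compare the installed package against the list above.
        echo "check-distro-package"
    fi
}

# Live check on the current host.
if grep -q '^kvm_intel ' /proc/modules 2>/dev/null; then kvm=yes; else kvm=no; fi
efer_triage "$(uname -m)" "$(uname -r)" "$kvm"
```

A "check-distro-package" result means the version number alone does not prove the fix is present; compare the installed kernel package with the Debian and openSUSE package versions listed above.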