
Vulnerability of Linux kernel: denial of service via EFER

Summary of the vulnerability

On an x86 virtualized computer, a local attacker can use EFER to stop the system.
Impacted systems: Debian, Kernel Linux, openSUSE, SLES.
Severity of this alert: 1/4.
Creation date: 01/04/2009.
References of this alert: BID-34331, CERTA-2002-AVI-235, CVE-2009-1242, VIGILANCE-VUL-8585.

Description of the vulnerability 

An x86 processor supports VMX (Virtual Machine Extensions).

The vmx_set_msr() function of the arch/x86/kvm/vmx.c file sets MSR (Model Specific Registers):
 - MSR_EFER: extended feature
 - MSR_STAR: legacy mode syscall target
 - etc.

The EFER MSR is specific to x64 processors. However, in an i386 virtual machine, the vmx_set_msr() function still tries to set it, which panics the kernel.

On an x86 virtualized computer, a local attacker can therefore use EFER to stop the system.


This computer threat announcement impacts software or systems such as Debian, Kernel Linux, openSUSE, SLES.

Our Vigilance Computer Vulnerability Alerts team determined that the severity of this computer vulnerability is low.

The trust level is "confirmed by the editor", and the attack origin is "user shell".

An attacker with expert ability can exploit this vulnerability.

Solutions for this threat 

Linux kernel: version 2.6.30.
Version 2.6.30 is corrected:
  ftp://ftp.kernel.org/pub/linux/kernel/v2.6/

Linux kernel: version 2.6.29.1.
Version 2.6.29.1 is corrected:
  http://www.kernel.org/pub/linux/kernel/v2.6/

Linux kernel: patch for EFER.
A patch is available in information sources.

Debian 4: new linux-2.6.24 packages.
New packages are available:
  http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-*-2.6.24_2.6.24-6~etchnhalf.8etch1_*.deb

Debian 5: new linux-2.6 packages.
New packages are available:
  http://security.debian.org/pool/updates/main/l/linux-2.6/*-2.6.26_2.6.26-15lenny2_*.deb

openSUSE 11.0: new kernel packages.
New packages are available:
  http://download.opensuse.org/update/11.0/rpm/*/kernel-*-2.6.25.20-0.4.*.rpm

openSUSE 11.1, SLE 11: new kernel packages.
New packages are available.
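
A host triage check based on the description and the fixed versions listed above, given as an added example that is not part of the bulletin or of the kernel sources. It assumes KVM is built as a module (so kvm_intel shows up in /proc/modules); the function names, status strings and sample inputs are hypothetical, and distribution kernels are referred to the package versions listed above because fixes are backported.

```python
import re

# Upstream releases the bulletin lists as corrected.
FIXED_STABLE = (2, 6, 29, 1)
FIXED_MAINLINE = (2, 6, 30)

def parse_release(release):
    """Split a `uname -r` string into (numeric version tuple, local suffix)."""
    m = re.match(r"(\d+(?:\.\d+){1,3})(.*)$", release.strip())
    if not m:
        raise ValueError("unrecognised kernel release: %r" % release)
    return tuple(int(p) for p in m.group(1).split(".")), m.group(2)

def upstream_fixed(nums):
    """True if an unmodified kernel.org release of this version has the fix."""
    if nums[:3] == (2, 6, 29):
        return nums >= FIXED_STABLE      # (2,6,29) sorts before (2,6,29,1)
    return nums >= FIXED_MAINLINE

def kvm_vmx_in_use(cpuinfo, modules):
    """vmx.c belongs to kvm_intel: require the CPU flag and the loaded module."""
    has_vmx = any(l.startswith("flags") and "vmx" in l.split(":", 1)[1].split()
                  for l in cpuinfo.splitlines() if ":" in l)
    has_mod = any(l.split()[0] == "kvm_intel"
                  for l in modules.splitlines() if l.strip())
    return has_vmx and has_mod

def triage(release, cpuinfo, modules):
    """Classify a host from `uname -r`, /proc/cpuinfo and /proc/modules text."""
    if not kvm_vmx_in_use(cpuinfo, modules):
        return "out of scope: KVM/VMX not active"
    nums, suffix = parse_release(release)
    if upstream_fixed(nums):
        return "fixed upstream"
    if suffix:  # distribution build: the fix may be backported
        return "check vendor package version"
    return "update kernel"

# Constructed sample inputs (not captured from a real host).
CPUINFO = "processor\t: 0\nflags\t\t: fpu vme pse msr pae vmx est\n"
MODULES = ("kvm_intel 45000 0 - Live 0xf8a00000\n"
           "kvm 160000 1 kvm_intel, Live 0xf89d0000\n")

if __name__ == "__main__":
    for rel in ("2.6.29", "2.6.29.1", "2.6.30", "2.6.26-2-686"):
        print(rel, "->", triage(rel, CPUINFO, MODULES))
```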
