CVE-2009-4031

Publication date 29 November 2009

Last updated 24 July 2024


Ubuntu priority

The do_insn_fetch function in arch/x86/kvm/emulate.c in the x86 emulator in the KVM subsystem in the Linux kernel before 2.6.32-rc8-next-20091125 tries to interpret instructions that contain too many bytes to be valid, which allows guest OS users to cause a denial of service (increased scheduling latency) on the host OS via unspecified manipulations related to SMP support.

From the Ubuntu Security Team

It was discovered that KVM did not correctly decode certain guest instructions. A local attacker in a guest could exploit this to trigger high scheduling latency in the host, leading to a denial of service.

Status

Package Ubuntu Release Status
kvm 11.04 natty Not in release
10.10 maverick Not in release
10.04 LTS lucid Not in release
9.10 karmic Not in release
9.04 jaunty Ignored end of life
8.10 intrepid Ignored end of life, was needs-triage
8.04 LTS hardy Ignored end of life
6.06 LTS dapper Not in release
linux 11.04 natty
Not affected
10.10 maverick
Not affected
10.04 LTS lucid
Not affected
9.10 karmic
Fixed 2.6.31-19.56
9.04 jaunty
Fixed 2.6.28-18.59
8.10 intrepid
Fixed 2.6.27-17.45
8.04 LTS hardy
Fixed 2.6.24-27.65
6.06 LTS dapper Not in release
linux-ec2 11.04 natty Not in release
10.10 maverick Ignored end of life
10.04 LTS lucid
Not affected
9.10 karmic
Fixed 2.6.31-19.56
9.04 jaunty Not in release
8.10 intrepid Not in release
8.04 LTS hardy Not in release
6.06 LTS dapper Not in release
linux-fsl-imx51 11.04 natty Not in release
10.10 maverick Not in release
10.04 LTS lucid
Not affected
9.10 karmic
Fixed 2.6.31-108.21
8.04 LTS hardy Not in release
6.06 LTS dapper Not in release
linux-lts-backport-maverick 11.04 natty Not in release
10.10 maverick Not in release
10.04 LTS lucid
Not affected
9.10 karmic Not in release
9.04 jaunty Not in release
8.10 intrepid Not in release
8.04 LTS hardy Not in release
6.06 LTS dapper Not in release
linux-mvl-dove 11.04 natty Not in release
10.10 maverick
Not affected
10.04 LTS lucid
Not affected
9.10 karmic
Fixed 2.6.31-211.22
8.04 LTS hardy Not in release
6.06 LTS dapper Not in release
linux-source-2.6.15 11.04 natty Not in release
10.10 maverick Not in release
10.04 LTS lucid Not in release
9.10 karmic Not in release
9.04 jaunty Not in release
8.10 intrepid Not in release
8.04 LTS hardy Not in release
6.06 LTS dapper
Not affected
linux-ti-omap4 11.04 natty
Not affected
10.10 maverick
Not affected
10.04 LTS lucid Not in release
9.10 karmic Not in release
8.04 LTS hardy Not in release
6.06 LTS dapper Not in release
qemu-kvm 11.04 natty
Not affected
10.10 maverick
Not affected
10.04 LTS lucid
Not affected
9.10 karmic
Not affected
9.04 jaunty Not in release
8.10 intrepid Not in release
8.04 LTS hardy Not in release
6.06 LTS dapper Not in release

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package Patch details
linux

References

Related Ubuntu Security Notices (USN)

    • USN-894-1
    • Linux kernel vulnerabilities
    • 5 February 2010

Other references