CVE-2010-3698

Published: 26 November 2010

The KVM implementation in the Linux kernel before 2.6.36 does not properly reload the FS and GS segment registers, which allows host OS users to cause a denial of service (host OS crash) via a KVM_RUN ioctl call in conjunction with a modified Local Descriptor Table (LDT).

From the Ubuntu security team

It was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service.

Priority

Medium

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.36)
Patches:
Upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=9581d442b9058d3699b4be568b6e5eae38a41493
linux-ec2
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.36)
linux-fsl-imx51
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.36)
linux-lts-backport-maverick
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.36)
linux-lts-backport-natty
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.36)
linux-mvl-dove
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.36)
linux-source-2.6.15
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.36)
linux-ti-omap4
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.36)

Notes

AuthorNote
smb 
There is no KVM in Dapper, so that cannot be affected. Maverick needed
some adaption as a previous stable patch moved code around. Lucid had
it already. Karmic mostly cherry-pick. Hardy needed more twisting.

References

Bugs

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading