CVE-2009-4031

NameCVE-2009-4031
DescriptionThe do_insn_fetch function in arch/x86/kvm/emulate.c in the x86 emulator in the KVM subsystem in the Linux kernel before 2.6.32-rc8-next-20091125 tries to interpret instructions that contain too many bytes to be valid, which allows guest OS users to cause a denial of service (increased scheduling latency) on the host OS via unspecified manipulations related to SMP support.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDSA-1962-1
Debian Bugs562075

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
kvmsourcelenny72+dfsg-5~lenny4DSA-1962-1
kvmsource(unstable)(unfixed)low562075
linux-2.6sourceetch(not affected)
linux-2.6sourcelenny2.6.26-21
linux-2.6source(unstable)2.6.32-3low
linux-2.6.24source(unstable)(not affected)

Notes

[etch] - linux-2.6 <not-affected> (kvm introduced in 2.6.25)
- linux-2.6.24 <not-affected> (kvm introduced in 2.6.25)
Search for package or bug name: Reporting problems