oss-sec mailing list archives
CVE-2012-4461 -- kernel: kvm: invalid opcode oops on SET_SREGS with OSXSAVE bit set
From: Petr Matousek <pmatouse () redhat com>
Date: Tue, 6 Nov 2012 19:30:40 +0100
A flaw has been found in the way Linux kernel's KVM subsystem handled vcpu->arch.cr4 X86_CR4_OSXSAVE bit set upon guest enter. On hosts without the XSAVE feature and using qemu userspace an unprivileged local user could use this flaw to crash the system. Acknowledgements: Red Hat would like to thank Jon Howell for reporting this issue. Proposed upstream fix: http://article.gmane.org/gmane.comp.emulators.kvm.devel/100742 References: https://bugzilla.redhat.com/show_bug.cgi?id=862900 http://article.gmane.org/gmane.comp.emulators.kvm.devel/100742 Thanks, -- Petr Matousek / Red Hat Security Response Team
Current thread:
- CVE-2012-4461 -- kernel: kvm: invalid opcode oops on SET_SREGS with OSXSAVE bit set Petr Matousek (Nov 06)