oss-sec mailing list archives
Re: CVE request: kvm: check cpl before emulating debug register access
From: Mark J Cox <mjc () redhat com>
Date: Thu, 29 Oct 2009 08:56:17 +0000 (GMT)
On Thu, 29 Oct 2009, Eugene Teo wrote:
Quote from the upstream commit:"Debug registers may only be accessed from cpl 0. Unfortunately, vmx will code to emulate the instruction even though it was issued from guest userspace, possibly leading to an unexpected trap later."Introduced in v2.6.30-rc1; Fixed in v2.6.32-rc1. http://bugzilla.redhat.com/531660 http://git.kernel.org/linus/0a79b009525b160081d75cef5dbf45817956acf2
Please use CVE-2009-3722 Mark
Current thread:
- CVE request: kvm: check cpl before emulating debug register access Eugene Teo (Oct 28)
- Re: CVE request: kvm: check cpl before emulating debug register access Mark J Cox (Oct 29)