oss-sec mailing list archives

Re: CVE request: kernel: KVM: x86 emulator: limit instructions to 15 bytes


From: Josh Bressers <bressers () redhat com>
Date: Wed, 25 Nov 2009 11:59:32 -0500 (EST)

Please use CVE-2009-4031 for this.

Thanks

-- 
    JB


----- "Eugene Teo" <eugeneteo () kernel sg> wrote:

Quoting from the patch: "While we are never normally passed an
instruction that exceeds 15 bytes, smp games can cause us to attempt
to interpret one, which will cause large latencies in non-preempt
hosts."

http://git.kernel.org/?p=linux/kernel/git/avi/kvm.git;a=commitdiff;h=e42d9b8141d1f54ff72ad3850bb110c95a5f3b88
https://bugzilla.redhat.com/show_bug.cgi?id=541160

I understand that a malicious guest can cause long scheduling
latencies in the host, resulting in a denial of service, but I have
not investigated this further to determine if it has more severe
consequences.

Thanks, Eugene
-- 
Eugene Teo / Red Hat Security Response Team

