oss-sec mailing list archives
CVE request: kvm: update_cr8_intercept() NULL pointer dereference when running without an apic
From: Eugene Teo <eugeneteo () kernel sg>
Date: Fri, 23 Oct 2009 11:47:00 +0800
Quote from the upstream commit: "update_cr8_intercept() can be triggered from userspace while there is no apic present." http://git.kernel.org/linus/88c808fd42b53a7e01a2ac3253ef31fef74cb5afThis one can be triggered via kvm_vcpu_ioctl() if /dev/kvm is user accessible (which is recommended...). Fixed in v2.6.32-rc1.
Eugene
Current thread:
- CVE request: kvm: update_cr8_intercept() NULL pointer dereference when running without an apic Eugene Teo (Oct 22)