Release date: 2010-08-20
Updated on: 2010-08-23
Affected Systems:
Linux kernel 2.6.x
Unaffected Systems:
Linux kernel 2.6.34
Description:
--------------------------------------------------------------------------------
Bugtraq ID: 42582
CVE ID: CVE-2010-0435
The Linux kernel is the kernel used by open source Linux operating systems.
A NULL pointer dereference vulnerability exists when the Intel VT-x extension is enabled for the processor on the host system. If the emulator is tricked into emulating a mov to/from DR instruction, this NULL pointer dereference may be triggered because kvm_x86_ops->(set|get)_dr is not initialized, causing the host to crash.
<* Source: Gleb Natapov (gleb@redhat.com)
Link: https://bugzilla.redhat.com/show_bug.cgi?format=multiple&id=570528
https://www.redhat.com/support/errata/RHSA-2010-0622.html
https://www.redhat.com/support/errata/RHSA-2010-0627.html
*>
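The failure mode described above, modelled in user-space C as an added illustration (not kernel code and not the vendor's patch): a callback table whose get_dr/set_dr entries are left NULL, a registration-time check that rejects it, and an emulation path that fails the instruction instead of calling through the NULL pointer. The names hv_ops, hv_ops_validate, emulate_mov_to_dr and emulate_mov_from_dr are hypothetical.

```c
/* Illustrative user-space model, not kernel code. All names are hypothetical. */
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

struct vcpu { unsigned long dr[8]; };           /* debug registers DR0..DR7 */
struct hv_ops {                                 /* per-backend callback table */
    int (*get_dr)(struct vcpu *v, int dr, unsigned long *val);
    int (*set_dr)(struct vcpu *v, int dr, unsigned long val);
};

static int demo_get_dr(struct vcpu *v, int dr, unsigned long *val)
{
    if (dr < 0 || dr > 7) return -EINVAL;
    *val = v->dr[dr];
    return 0;
}
static int demo_set_dr(struct vcpu *v, int dr, unsigned long val)
{
    if (dr < 0 || dr > 7) return -EINVAL;
    v->dr[dr] = val;
    return 0;
}

const struct hv_ops complete_ops = { demo_get_dr, demo_set_dr };
const struct hv_ops partial_ops  = { NULL, NULL };  /* callbacks never set */
struct vcpu demo_vcpu;                              /* constructed sample state */

/* Registration-time check: reject a backend that leaves a callback unset. */
int hv_ops_validate(const struct hv_ops *ops)
{
    return (ops && ops->get_dr && ops->set_dr) ? 0 : -EINVAL;
}

/* Emulation of mov to/from DR: fail the instruction rather than call through NULL. */
int emulate_mov_to_dr(const struct hv_ops *ops, struct vcpu *v, int dr, unsigned long val)
{
    return ops->set_dr ? ops->set_dr(v, dr, val) : -EOPNOTSUPP;
}
int emulate_mov_from_dr(const struct hv_ops *ops, struct vcpu *v, int dr, unsigned long *val)
{
    return ops->get_dr ? ops->get_dr(v, dr, val) : -EOPNOTSUPP;
}

int main(void)
{
    printf("validate(partial)=%d\n", hv_ops_validate(&partial_ops));
    return 0;
}
```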
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Linux
-----
The vendor has released a patch to fix this security problem. It is available at:
https://patchwork.kernel.org/patch/95725/
RedHat
------
Red Hat has released a security advisory (RHSA-2010:0627-01) and a patch for this issue:
RHSA-2010:0627-01: Important: kvm security and bug fix update
Link: https://www.redhat.com/support/errata/RHSA-2010-0627.html