First published: Sun Sep 21 2014(Updated: )
If the guest writes a noncanonical value to certain MSR registers, KVM will write that value to the MSR in the host context and a #GP will be raised leading to kernel panic. A privileged guest user can use this flaw to crash the host. Enabling CONFIG_PARAVIRT when building the kernel mitigates this issue because wrmsrl() ends up invoking safe msr write variant. Acknowledgements: Red Hat would like to thank Lars Bull of Google and Nadav Amit for reporting this issue.
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Linux Linux kernel | <3.17.2 | |
Canonical Ubuntu Linux | =10.04 | |
Canonical Ubuntu Linux | =12.04 | |
Debian Debian Linux | =7.0 | |
Opensuse Evergreen | =11.4 | |
SUSE SUSE Linux Enterprise Server | =11-sp2 | |
debian/linux | 5.10.223-1 5.10.226-1 6.1.115-1 6.1.119-1 6.11.10-1 6.12.3-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.