Oval Definition:oval:org.opensuse.security:def:20092287
Revision Date:2022-05-20Version:1
Title:CVE-2009-2287
Description:

The kvm_arch_vcpu_ioctl_set_sregs function in the KVM in Linux kernel 2.6 before 2.6.30, when running on x86 systems, does not validate the page table root in a KVM_SET_SREGS call, which allows local users to cause a denial of service (crash or hang) via a crafted cr3 value, which triggers a NULL pointer dereference in the gfn_to_rmap function.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2009-2287
Mitre CVE-2009-2287
SUSE CVE-2009-2287
Platform(s):SUSE Linux Enterprise Desktop 11 GA
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 11 GA
SUSE Linux Enterprise Server for SAP Applications 11
Product(s):
Definition Synopsis
  • sled11 is installed
  • AND Package Information
  • kvm-kmp-default less than 78.2.6.30.1_2.6.27.25_0.1-0.2.1
  • OR kvm-kmp-pae less than 78.2.6.30.1_2.6.27.25_0.1-0.2.1
  • OR kvm less than 78.0.10.5-0.2.1
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 is installed
  • AND Package Information
  • kvm-78.0.10.5-0.2 is installed
  • OR kvm-kmp-default-78.2.6.30.1_2.6.27.25_0.1-0.2 is installed
  • OR kvm-kmp-pae-78.2.6.30.1_2.6.27.37_0.1-0.7 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 is installed
  • AND Package Information
  • kvm-78.0.10.5-0.2.1 is installed
  • OR kvm-kmp-default-78.2.6.30.1_2.6.27.25_0.1-0.2.1 is installed
  • OR kvm-kmp-pae-78.2.6.30.1_2.6.27.37_0.1-0.7.1 is installed
    • BACK