Debian Security Advisory DSA 1846-1 (kvm) Network Vulnerability

Summary

The remote host is missing an update to kvm announced via advisory DSA 1846-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201846-1

Insight

Matt T. Yourst discovered an issue in the kvm subsystem. Local users with permission to manipulate /dev/kvm can cause a denial of service (hang) by providing an invalid cr3 value to the KVM_SET_SREGS call. For the stable distribution (lenny), these problems have been fixed in version 72+dfsg-5~lenny2. For the unstable distribution (sid), these problems will be fixed soon. We recommend that you upgrade your kvm packages, and rebuild any kernel

Severity

Classification

CVE CVE-2009-2287
CVSS Base Score: 4.9
AV:L/AC:L/Au:N/C:N/I:N/A:C

Related Vulnerabilities

Debian Security Advisory DSA 1121-1 (postgrey)
Debian Security Advisory DSA 1000-1 (libapreq2-perl)
Debian Security Advisory DSA 1135-1 (libtunepimp)
Debian Security Advisory DSA 093-1 (postfix)
Debian Security Advisory DSA 1071-1 (mysql)

Take action and discover your vulnerabilities