kvm-84-6AXS3

エラータID: AXSA:2009-417:02

Release date: 
Wednesday, October 28, 2009 - 15:53
Subject: 
kvm-84-6AXS3
Affected Channels: 
Asianux Server 3 for x86
Asianux Server 3 for x86_64
Severity: 
High
Description: 

This package provides the kvm kernel modules built for the Linux kernel 2.6.18-128.12AXS3.
Security bugs fixed with this release:
CVE-2009-3290
The kvm_emulate_hypercall function in arch/x86/kvm/x86.c in KVM in the Linux kernel 2.6.25-rc1, and other versions before 2.6.31, when running on x86 systems, does not prevent access to MMU hypercalls from ring 0, which allows local guest OS users to cause a denial of service (guest kernel crash) and read or write guest kernel memory via unspecified random addresses.

Solution: 

Update packages.

CVEs: 
CVE-2009-3290
The kvm_emulate_hypercall function in arch/x86/kvm/x86.c in KVM in the Linux kernel 2.6.25-rc1, and other versions before 2.6.31, when running on x86 systems, does not prevent access to MMU hypercalls from ring 0, which allows local guest OS users to cause a denial of service (guest kernel crash) and read or write guest kernel memory via unspecified "random addresses."


Additional Info: 

N/A

Download: 

Asianux Server 3 for x86
  1. kmod-kvm-84-6AXS3.i686.rpm
    MD5: 6bfd838cafbaef750f825167d665fa85
    SHA-256: d1817231a23ad561ddde433e1569c9d5dfe60d078b46bcc61f928dbf1980a890
    Size: 0.96 MB
  2. kmod-kvm-PAE-84-6AXS3.i686.rpm
    MD5: 5730e15a2242a999d878a751e8b8104f
    SHA-256: e15ac3afba32fb3f69a2d224cdfbc33e63c5e122504f7e166b45220438314b32
    Size: 0.96 MB

Asianux Server 3 for x86_64
  1. kmod-kvm-84-6AXS3.x86_64.rpm
    MD5: f9da0d92cd8d7978de84dd3b021b2f44
    SHA-256: 915bb9e50fc150981b2d65902126eb94d3d8e561920f5c471d85633082f34b45
    Size: 0.98 MB