NVD Vulnerability Detail

CVE-2009-2287

Summary	The kvm_arch_vcpu_ioctl_set_sregs function in the KVM in Linux kernel 2.6 before 2.6.30, when running on x86 systems, does not validate the page table root in a KVM_SET_SREGS call, which allows local users to cause a denial of service (crash or hang) via a crafted cr3 value, which triggers a NULL pointer dereference in the gfn_to_rmap function.
Summary	La funciónkvm_arch_vcpu_ioctl_set_sregs en el KVM en el Kernel Linux v2.6 anterior a v2.6.30, ejecutado sobre plataformas x86, no valida la "page table root" (raíz de tabla de páginas) en una llamada KVM_SET_SREGS, lo que permite a usuarios locales provocar una denegación de servicio (cuelgue o caída) a través de un valor cr3 manipulado, lo que lanza un deferencia a puntero NULL en la función gfn_to_rmap.
Publication Date	July 1, 2009, 10 p.m.
Registration Date	Jan. 29, 2021, 1:20 p.m.
Last Update	April 23, 2026, 9:35 a.m.

CVSS2.0 : MEDIUM
Score	4.9
Vector	AV:L/AC:L/Au:N/C:N/I:N/A:C
攻撃元区分(AV)	ローカル
攻撃条件の複雑さ(AC)	低
攻撃前の認証要否(Au)	不要
機密性への影響(C)	なし
完全性への影響(I)	なし
可用性への影響(A)	高
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	いいえ

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:o:linux:linux_kernel::::::::	2.6.0			2.6.30
cpe:2.3:o:canonical:ubuntu_linux:6.06:::::::*
cpe:2.3:o:canonical:ubuntu_linux:8.04:::::::*
cpe:2.3:o:canonical:ubuntu_linux:8.10:::::::*
cpe:2.3:o:canonical:ubuntu_linux:9.04:::::::*
cpe:2.3:o:debian:debian_linux:4.0:::::::*
cpe:2.3:o:debian:debian_linux:5.0:::::::*

Related information, measures and tools

No	URL	refsource
1	http://git.kernel.org/?p=linux/kernel/git/stable/stable-queue.git%3Ba=blob%3Bf=queue-2.6.30/kvm-x86-check-for-cr3-validity-in-ioctl_set_sregs.patch%3Bh=b48a47dad2cf76358b327368f80c0805e6370c68%3Bhb=e7c45b24f298b5d9efd7d401150f64a1b51aaac4	cve@mitre.org
2	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=59839dfff5eabca01cc4e20b45797a60a80af8cb	cve@mitre.org
3	http://secunia.com/advisories/35675	cve@mitre.org
4	http://secunia.com/advisories/36045	cve@mitre.org
5	http://secunia.com/advisories/36054	cve@mitre.org
6	http://sourceforge.net/tracker/?func=detail&atid=893831&aid=2687641&group_id=180599	cve@mitre.org
7	http://www.debian.org/security/2009/dsa-1845	cve@mitre.org
8	http://www.mandriva.com/security/advisories?name=MDVSA-2010:198	cve@mitre.org
9	http://www.openwall.com/lists/oss-security/2009/06/30/1	cve@mitre.org
10	http://www.ubuntu.com/usn/usn-807-1	cve@mitre.org
11	http://git.kernel.org/?p=linux/kernel/git/stable/stable-queue.git%3Ba=blob%3Bf=queue-2.6.30/kvm-x86-check-for-cr3-validity-in-ioctl_set_sregs.patch%3Bh=b48a47dad2cf76358b327368f80c0805e6370c68%3Bhb=e7c45b24f298b5d9efd7d401150f64a1b51aaac4	af854a3a-2127-422b-91ae-364da2661108
12	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=59839dfff5eabca01cc4e20b45797a60a80af8cb	af854a3a-2127-422b-91ae-364da2661108
13	http://secunia.com/advisories/35675	af854a3a-2127-422b-91ae-364da2661108
14	http://secunia.com/advisories/36045	af854a3a-2127-422b-91ae-364da2661108
15	http://secunia.com/advisories/36054	af854a3a-2127-422b-91ae-364da2661108
16	http://sourceforge.net/tracker/?func=detail&atid=893831&aid=2687641&group_id=180599	af854a3a-2127-422b-91ae-364da2661108
17	http://www.debian.org/security/2009/dsa-1845	af854a3a-2127-422b-91ae-364da2661108
18	http://www.mandriva.com/security/advisories?name=MDVSA-2010:198	af854a3a-2127-422b-91ae-364da2661108
19	http://www.openwall.com/lists/oss-security/2009/06/30/1	af854a3a-2127-422b-91ae-364da2661108
20	http://www.ubuntu.com/usn/usn-807-1	af854a3a-2127-422b-91ae-364da2661108

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-476	NULL ポインタデリファレンス	https://cwe.mitre.org/data/definitions/476.html