Vulnerability Details : CVE-2009-4031

The do_insn_fetch function in arch/x86/kvm/emulate.c in the x86 emulator in the KVM subsystem in the Linux kernel before 2.6.32-rc8-next-20091125 tries to interpret instructions that contain too many bytes to be valid, which allows guest OS users to cause a denial of service (increased scheduling latency) on the host OS via unspecified manipulations related to SMP support.

Vulnerability category: Input validationDenial of service

Published 2009-11-29 13:07:32

Updated 2023-02-13 02:20:42

Source Red Hat, Inc.

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2009-4031

Probability of exploitation activity in the next 30 days: 0.23%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 60 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2009-4031

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
7.8	HIGH	AV:N/AC:L/Au:N/C:N/I:N/A:C	10.0	6.9	[email protected]
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Complete

CWE ids for CVE-2009-4031

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Assigned by: [email protected] (Primary)

References for CVE-2009-4031

https://bugzilla.redhat.com/show_bug.cgi?id=541160

Issue Tracking;Third Party Advisory
http://git.kernel.org/?p=linux/kernel/git/avi/kvm.git%3Ba=commit%3Bh=e42d9b8141d1f54ff72ad3850bb110c95a5f3b88
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11089

Third Party Advisory
http://www.openwall.com/lists/oss-security/2009/11/25/1

Mailing List;Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00006.html

Third Party Advisory

CVEs referencing this url
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00777.html

Third Party Advisory

CVEs referencing this url
http://www.securityfocus.com/bid/37130

Third Party Advisory;VDB Entry
http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.32-rc8-next-20091125.gz

Patch;Vendor Advisory
http://www.openwall.com/lists/oss-security/2009/11/25/3

Mailing List;Third Party Advisory

Products affected by CVE-2009-4031

Linux » Linux Kernel
Versions before (<) 2.6.32
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.32 Update RC4
cpe:2.3:o:linux:linux_kernel:2.6.32:rc4:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.32 Update RC5
cpe:2.3:o:linux:linux_kernel:2.6.32:rc5:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.32 Update RC1
cpe:2.3:o:linux:linux_kernel:2.6.32:rc1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.32 Update RC3
cpe:2.3:o:linux:linux_kernel:2.6.32:rc3:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.32 Update RC7
cpe:2.3:o:linux:linux_kernel:2.6.32:rc7:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.32 Update RC6
cpe:2.3:o:linux:linux_kernel:2.6.32:rc6:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.32
cpe:2.3:o:linux:linux_kernel:2.6.32:-:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.32 Update RC2
cpe:2.3:o:linux:linux_kernel:2.6.32:rc2:*:*:*:*:*:*
Matching versions