Internet threat level: 1
Home→Descriptions→SA47482
Linux Kernel KVM "syscall" Emulation and CIFS Special Files Lookup Denial of Service Vulnerabilities
| Secunia ID | |
| CVE-ID | |
| Release Date |
12 Jan 2012 |
| Last Change |
29 Feb 2012 |
| Criticality | |
| Solution Status |
Unpatched |
| Where | |
| Impact |
DoS (Denial of Service)This includes vulnerabilities ranging from excessive resource consumption (e.g. causing a system to use a lot of memory) to crashing an application or an entire system. |
| Description |
Two vulnerabilities have been reported in the Linux Kernel, which can be exploited by malicious, local users and malicious, local users in a guest virtual machine to cause a DoS (Denial of Service). 1) An error due to KVM not properly handling the "syscall" instruction (opcode 0f05) in certain CPU modes on some CPU models can be exploited to e.g. crash 32-bit guest machines and 64-bit guest machines to behave incorrectly by running a specially crafted executable. 2) An error in the "cifs_lookup()" function (fs/cifs/dir.c) when performing a lookup on certain files may result in an incorrect reference count when a special file is encountered (e.g. FIFO) and crash the system during the unmount. |
| Solution |
Restrict access to trusted users only. |
| Reported by |
1) Stephan Bärwolf |
| Original Advisory |
1) https://lkml.org/lkml/2011/12/28/170 |
© 1997-2013 Kaspersky Lab ZAO. All Rights Reserved.
Industry-leading Antivirus Software.
Registered trademarks and service marks are the property of their respective owners.
The authors' opinions do not necessarily reflect the official positions of Kaspersky Lab.