Linux内核KVM超大SMP指令本地拒绝服务漏洞

漏洞起因
设计错误

影响系统
Linux kernel 2.6.31 5
Linux kernel 2.6.31 .2
Linux kernel 2.6.31 -rc7
Linux kernel 2.6.31 -rc6
Linux kernel 2.6.31 -rc3
+ Trustix Secure Enterprise Linux 2.0
+ Trustix Secure Linux 2.2
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
Linux kernel 2.6.31 -rc1
Linux kernel 2.6.31
Linux kernel 2.6.30 rc6
Linux kernel 2.6.30 1
Linux kernel 2.6.30 -rc5
Linux kernel 2.6.30 -rc3
Linux kernel 2.6.30 -rc2
Linux kernel 2.6.30 -rc1
Linux kernel 2.6.30
Linux kernel 2.6.29 4
Linux kernel 2.6.29 1
Linux kernel 2.6.29 -git8
Linux kernel 2.6.29 -git14
Linux kernel 2.6.29 -git1
Linux kernel 2.6.29
Linux kernel 2.6.28 9
Linux kernel 2.6.28 8
Linux kernel 2.6.28 6
Linux kernel 2.6.28 5
Linux kernel 2.6.28 3
Linux kernel 2.6.28 2
Linux kernel 2.6.28 1
Linux kernel 2.6.28 -rc7
Linux kernel 2.6.28 -rc5
Linux kernel 2.6.28 -rc1
Linux kernel 2.6.28 -git7
Linux kernel 2.6.28
Linux kernel 2.6.27 6
Linux kernel 2.6.27 3
Linux kernel 2.6.27 24
Linux kernel 2.6.27 14
Linux kernel 2.6.27 13
Linux kernel 2.6.27 12
Linux kernel 2.6.27 12
Linux kernel 2.6.27 .8
Linux kernel 2.6.27 .5
Linux kernel 2.6.27 .5
Linux kernel 2.6.27 -rc8-git5
Linux kernel 2.6.27 -rc8
Linux kernel 2.6.27 -rc6-git6
Linux kernel 2.6.27 -rc6
Linux kernel 2.6.27 -rc5
Linux kernel 2.6.27 -rc4
Linux kernel 2.6.27 -rc2
Linux kernel 2.6.27 -rc1
Linux kernel 2.6.27
Linux kernel 2.6.26 7
Linux kernel 2.6.26 4
Linux kernel 2.6.26 3
Linux kernel 2.6.26 .6
Linux kernel 2.6.26 -rc6
Linux kernel 2.6.26
Linux kernel 2.6.25 19
Linux kernel 2.6.25 .9
Linux kernel 2.6.25 .8
Linux kernel 2.6.25 .7
Linux kernel 2.6.25 .6
Linux kernel 2.6.25 .5
Linux kernel 2.6.25 .15
Linux kernel 2.6.25 .13
Linux kernel 2.6.25 .12
Linux kernel 2.6.25 .11
Linux kernel 2.6.25 .10
Linux kernel 2.6.25
Linux kernel 2.6.25
Linux kernel 2.6.24 .2
Linux kernel 2.6.24 .1
Linux kernel 2.6.24 -rc5
Linux kernel 2.6.24 -rc4
Linux kernel 2.6.24 -rc3
Linux kernel 2.6.24 -git13
Linux kernel 2.6.24
Linux kernel 2.6.23 .7
Linux kernel 2.6.23 .6
Linux kernel 2.6.23 .5
Linux kernel 2.6.23 .4
Linux kernel 2.6.23 .3
Linux kernel 2.6.23 .2
Linux kernel 2.6.23 -rc2
Linux kernel 2.6.23 -rc1
Linux kernel 2.6.23
Linux kernel 2.6.22 7
Linux kernel 2.6.22 1
Linux kernel 2.6.22 .8
Linux kernel 2.6.22 .6
Linux kernel 2.6.22 .5
Linux kernel 2.6.22 .4
Linux kernel 2.6.22 .3
Linux kernel 2.6.22 .17
Linux kernel 2.6.22 .16
Linux kernel 2.6.22 .15
Linux kernel 2.6.22 .14
Linux kernel 2.6.22 .13
Linux kernel 2.6.22 .12
Linux kernel 2.6.22 .11
Linux kernel 2.6.22
Linux kernel 2.6.22
Linux kernel 2.6.21 4
Linux kernel 2.6.21 .7
Linux kernel 2.6.21 .6
Linux kernel 2.6.21 .2
Linux kernel 2.6.21 .1
Linux kernel 2.6.21
Linux kernel 2.6.21
Linux kernel 2.6.21
Linux kernel 2.6.20 .9
Linux kernel 2.6.20 .8
Linux kernel 2.6.20 .5
Linux kernel 2.6.20 .4
Linux kernel 2.6.20 .15
Linux kernel 2.6.20 -git5
Linux kernel 2.6.20
+ Trustix Secure Enterprise Linux 2.0
+ Trustix Secure Linux 2.2
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
Linux kernel 2.6.20
Linux kernel 2.6.19 1
Linux kernel 2.6.19 .2
Linux kernel 2.6.19 .1
Linux kernel 2.6.19 -rc4
Linux kernel 2.6.19 -rc3
Linux kernel 2.6.19 -rc2
+ Trustix Secure Enterprise Linux 2.0
+ Trustix Secure Linux 2.2
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
Linux kernel 2.6.19 -rc1
Linux kernel 2.6.19
+ Trustix Secure Enterprise Linux 2.0
+ Trustix Secure Linux 2.2
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
Linux kernel 2.6.18 .4
Linux kernel 2.6.18 .3
Linux kernel 2.6.18 .1
Linux kernel 2.6.18
Linux kernel 2.6.17 .8
Linux kernel 2.6.17 .7
Linux kernel 2.6.17 .6
Linux kernel 2.6.17 .5
Linux kernel 2.6.17 .3
Linux kernel 2.6.17 .2
Linux kernel 2.6.17 .14
Linux kernel 2.6.17 .13
Linux kernel 2.6.17 .12
Linux kernel 2.6.17 .11
Linux kernel 2.6.17 .10
Linux kernel 2.6.17 .1
Linux kernel 2.6.17 -rc5
Linux kernel 2.6.17
Linux kernel 2.6.17
Linux kernel 2.6.17
Linux kernel 2.6.17
Linux kernel 2.6.17
Linux kernel 2.6.17
Linux kernel 2.6.16 27
Linux kernel 2.6.16 13
Linux kernel 2.6.16 .9
Linux kernel 2.6.16 .7
Linux kernel 2.6.16 .23
Linux kernel 2.6.16 .19
Linux kernel 2.6.16 .12
Linux kernel 2.6.16 .11
Linux kernel 2.6.16 .1
Linux kernel 2.6.16 -rc1
Linux kernel 2.6.16
Linux kernel 2.6.16
Linux kernel 2.6.16
Linux kernel 2.6.16
Linux kernel 2.6.16
Linux kernel 2.6.16
Linux kernel 2.6.16
Linux kernel 2.6.16
Linux kernel 2.6.16
Linux kernel 2.6.16
Linux kernel 2.6.16
Linux kernel 2.6.15 .4
Linux kernel 2.6.15 .3
Linux kernel 2.6.15 .2
Linux kernel 2.6.15 .1
Linux kernel 2.6.15 -rc3
Linux kernel 2.6.15 -rc2
Linux kernel 2.6.15 -rc1
Linux kernel 2.6.15
Linux kernel 2.6.15
Linux kernel 2.6.15
Linux kernel 2.6.15
Linux kernel 2.6.15
Linux kernel 2.6.15
+ Trustix Secure Enterprise Linux 2.0
+ Trustix Secure Linux 2.2
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
Linux kernel 2.6.14 .5
Linux kernel 2.6.14 .4
Linux kernel 2.6.14 .3
Linux kernel 2.6.14 .2
Linux kernel 2.6.14 .1
Linux kernel 2.6.14 -rc4
Linux kernel 2.6.14 -rc3
Linux kernel 2.6.14 -rc2
Linux kernel 2.6.14 -rc1
Linux kernel 2.6.14
Linux kernel 2.6.14
Linux kernel 2.6.13 .4
Linux kernel 2.6.13 .3
Linux kernel 2.6.13 .2
Linux kernel 2.6.13 .1
Linux kernel 2.6.13 -rc7
Linux kernel 2.6.13 -rc6
Linux kernel 2.6.13 -rc4
Linux kernel 2.6.13 -rc1
Linux kernel 2.6.13
Linux kernel 2.6.13
+ Trustix Secure Enterprise Linux 2.0
+ Trustix Secure Linux 2.2
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
Linux kernel 2.6.12 .6
Linux kernel 2.6.12 .5
Linux kernel 2.6.12 .4
Linux kernel 2.6.12 .3
Linux kernel 2.6.12 .22
Linux kernel 2.6.12 .2
Linux kernel 2.6.12 .12
Linux kernel 2.6.12 .1
Linux kernel 2.6.12 -rc5
Linux kernel 2.6.12 -rc4
Linux kernel 2.6.12 -rc1
Linux kernel 2.6.12
Linux kernel 2.6.12
Linux kernel 2.6.11 .8
Linux kernel 2.6.11 .7
Linux kernel 2.6.11 .6
Linux kernel 2.6.11 .5
Linux kernel 2.6.11 .4
Linux kernel 2.6.11 .12
Linux kernel 2.6.11 .11
Linux kernel 2.6.11 -rc4
Linux kernel 2.6.11 -rc3
Linux kernel 2.6.11 -rc2
Linux kernel 2.6.11
Linux kernel 2.6.11
Linux kernel 2.6.10 rc2
Linux kernel 2.6.10
Linux kernel 2.6.10
Linux kernel 2.6.9
Linux kernel 2.6.8 rc3
Linux kernel 2.6.8 rc2
Linux kernel 2.6.8 rc1
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Linux kernel 2.6.8
Linux kernel 2.6.7 rc1
Linux kernel 2.6.7
Linux kernel 2.6.6 rc1
Linux kernel 2.6.6
Linux kernel 2.6.5
Linux kernel 2.6.4
Linux kernel 2.6.3
Linux kernel 2.6.2
Linux kernel 2.6.1 -rc2
Linux kernel 2.6.1 -rc1
Linux kernel 2.6.1
Linux kernel 2.6 .10
Linux kernel 2.6 -test9-CVS
Linux kernel 2.6 -test9
Linux kernel 2.6 -test8
Linux kernel 2.6 -test7
Linux kernel 2.6 -test6
Linux kernel 2.6 -test5
Linux kernel 2.6 -test4
Linux kernel 2.6 -test3
Linux kernel 2.6 -test2
Linux kernel 2.6 -test11
Linux kernel 2.6 -test10
Linux kernel 2.6 -test1
Linux kernel 2.6
Linux kernel 2.6.8.1
+ S.u.S.E. Linux Personal 9.2 x86_64
+ S.u.S.E. Linux Personal 9.2
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Linux kernel 2.6.32-rc7
Linux kernel 2.6.32-rc5
+ Trustix Secure Enterprise Linux 2.0
+ Trustix Secure Linux 2.2
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
Linux kernel 2.6.32-rc4
Linux kernel 2.6.32-rc3
Linux kernel 2.6.32-rc2
Linux kernel 2.6.32-rc1
Linux kernel 2.6.31.4
Linux kernel 2.6.31.2
Linux kernel 2.6.31-rc9
Linux kernel 2.6.31-rc8
Linux kernel 2.6.31-rc7
Linux kernel 2.6.31-rc5-git3
Linux kernel 2.6.31-rc4
Linux kernel 2.6.31-rc2
Linux kernel 2.6.31-git11
+ Trustix Secure Enterprise Linux 2.0
+ Trustix Secure Linux 2.2
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
Linux kernel 2.6.30.5
Linux kernel 2.6.30.4
Linux kernel 2.6.30.3
Linux kernel 2.6.29-rc2-git1
Linux kernel 2.6.29-rc2
Linux kernel 2.6.29-rc1
Linux kernel 2.6.28.4
Linux kernel 2.6.26.1
Linux kernel 2.6.26-rc5-git1
Linux kernel 2.6.25.4
Linux kernel 2.6.25.3
Linux kernel 2.6.25.2
Linux kernel 2.6.25.1
Linux kernel 2.6.25-rc1
Linux kernel 2.6.24.6
Linux kernel 2.6.24-rc2
Linux kernel 2.6.24-rc1
Linux kernel 2.6.23.14
Linux kernel 2.6.23.10
Linux kernel 2.6.23.1
Linux kernel 2.6.23.09
Linux kernel 2.6.22-rc7
Linux kernel 2.6.22-rc1
Linux kernel 2.6.21-RC6
Linux kernel 2.6.21-RC5
Linux kernel 2.6.21-RC4
Linux kernel 2.6.21-RC3
Linux kernel 2.6.21-RC3
Linux kernel 2.6.20.3
Linux kernel 2.6.20.2
Linux kernel 2.6.20.13
Linux kernel 2.6.20.11
Linux kernel 2.6.20.1
Linux kernel 2.6.20-rc2
Linux kernel 2.6.20-2
Linux kernel 2.6.19 -rc6
Linux kernel 2.6.18-8.1.8.el5
Linux kernel 2.6.18-53
Linux kernel 2.6.18
Linux kernel 2.6.15.5
Linux kernel 2.6.15.11
Linux kernel 2.6.15-27.48
Linux kernel 2.6.11.4

不受影响系统

危害
本地攻击者可以利用漏洞对系统进行拒绝服务攻击。

攻击所需条件
攻击者必须访问Linux。

漏洞信息
Linux是一款开放源代码的操作系统。
如果传递的指令超过15字节，在多处理器的情况会解释此类的指令，在非抢占主机系统上会引起很大的延迟，造成拒绝服务攻击。

测试方法

厂商解决方案
GIT库已经修复此漏洞，建议用户下载补丁使用：
http://git.kernel.org/?p=linux/kernel/git/avi/kvm.git;a=commitdiff;h=e42d9b8141d1f54ff72ad3850bb110c95a5f3b88

漏洞提供者
Avi Kivity

← ISC BIND 9 DNSSEC缓存"毒药"漏洞

PHP ‘proc_open()’ ‘safe_mode_protected_env_var’限制绕过漏洞 →

ZeroBox Vulnerability Database

坚持！我们将做的更好！

Linux内核KVM超大SMP指令本地拒绝服务漏洞

0 条评论。

发表评论