Package: kvm Severity: serious Tags: security -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for kvm. CVE-2009-4031[0]: | The do_insn_fetch function in arch/x86/kvm/emulate.c in the x86 | emulator in the KVM subsystem in the Linux kernel before | 2.6.32-rc8-next-20091125 tries to interpret instructions that contain | too many bytes to be valid, which allows guest OS users to cause a | denial of service (increased scheduling latency) on the host OS via | unspecified manipulations related to SMP support. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4031 http://security-tracker.debian.org/tracker/CVE-2009-4031 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkswxagACgkQNxpp46476apvJwCdGK+7p3RZ2Cd7j9ry75NcPxj0 O1kAoIsb3bru1h7Q71yjMDJpMWVEODrZ =Wsbg -----END PGP SIGNATURE-----