CVE-2014-3647

Опубликовано: 10 нояб. 2014

Источник: nvd

CVSS3: 5.5

CVSS2: 1.9

EPSS Низкий

Описание

arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application.

Ссылки

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=234f3ce485d54017f15cf5e0699cff4100121601
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d1442d85cc30ea75f7d399474ca738e0bc96f715
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
Mailing List
Third Party Advisory
http://www.debian.org/security/2014/dsa-3060
Third Party Advisory
http://www.openwall.com/lists/oss-security/2014/10/24/9
Mailing List
Patch
Third Party Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
Third Party Advisory
http://www.securityfocus.com/bid/70748
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/USN-2394-1
Third Party Advisory
http://www.ubuntu.com/usn/USN-2417-1
Third Party Advisory
http://www.ubuntu.com/usn/USN-2418-1
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1144897
Issue Tracking
Patch
Third Party Advisory
https://github.com/torvalds/linux/commit/234f3ce485d54017f15cf5e0699cff4100121601
Patch
Third Party Advisory
https://github.com/torvalds/linux/commit/d1442d85cc30ea75f7d399474ca738e0bc96f715
Patch
Third Party Advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=234f3ce485d54017f15cf5e0699cff4100121601
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d1442d85cc30ea75f7d399474ca738e0bc96f715
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
Mailing List
Third Party Advisory
http://www.debian.org/security/2014/dsa-3060
Third Party Advisory
http://www.openwall.com/lists/oss-security/2014/10/24/9
Mailing List
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия до 3.17.2 (включая)

Конфигурация 2

Одно из

cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*

Конфигурация 3

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*

Конфигурация 4

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

Конфигурация 5

Одно из

cpe:2.3:o:opensuse:evergreen:11.4:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp2:*:*:ltss:*:*:*

Конфигурация 6

cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*

EPSS

Процентиль: 7%

0.00032

Низкий

5.5 Medium

CVSS3

1.9 Low

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

CVE-2014-3647

CVSS3: 5.5

ubuntu

больше 10 лет назад

CVE-2014-3647

redhat

почти 11 лет назад

CVE-2014-3647

CVSS3: 5.5

debian

больше 10 лет назад

arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel throug ...

GHSA-v5ch-j8v9-2r5x

CVSS3: 5.5

github

около 3 лет назад

SUSE-SU-2015:1071-1

suse-cvrf

около 10 лет назад

Security update for the Linux Kernel

EPSS

Процентиль: 7%

0.00032

Низкий

5.5 Medium

CVSS3

1.9 Low

CVSS2

Дефекты

NVD-CWE-noinfo