Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2014-3610

Опубликовано: 21 окт. 2014
Источник: redhat
CVSS2: 5.5

Описание

The WRMSR processing functionality in the KVM subsystem in the Linux kernel through 3.17.2 does not properly handle the writing of a non-canonical address to a model-specific register, which allows guest OS users to cause a denial of service (host OS crash) by leveraging guest OS privileges, related to the wrmsr_interception function in arch/x86/kvm/svm.c and the handle_wrmsr function in arch/x86/kvm/vmx.c.

It was found that KVM's Write to Model Specific Register (WRMSR) instruction emulation would write non-canonical values passed in by the guest to certain MSRs in the host's context. A privileged guest user could use this flaw to crash the host.

Отчет

This issue does not affect Linux kernel packages as shipped with Red Hat Enterprise Linux 6 and 7. Future kvm package updates for Red Hat Enterprise Linux 5 may address this issue.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kvmAffected
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 5kvmFixedRHSA-2015:086922.04.2015

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important
Дефект:
CWE-248
https://bugzilla.redhat.com/show_bug.cgi?id=1144883kernel: kvm: noncanonical MSR writes

5.5 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2014-3610

CVSS3: 5.5
ubuntu
больше 10 лет назад

The WRMSR processing functionality in the KVM subsystem in the Linux kernel through 3.17.2 does not properly handle the writing of a non-canonical address to a model-specific register, which allows guest OS users to cause a denial of service (host OS crash) by leveraging guest OS privileges, related to the wrmsr_interception function in arch/x86/kvm/svm.c and the handle_wrmsr function in arch/x86/kvm/vmx.c.

nvd логотип

CVE-2014-3610

CVSS3: 5.5
nvd
больше 10 лет назад

The WRMSR processing functionality in the KVM subsystem in the Linux kernel through 3.17.2 does not properly handle the writing of a non-canonical address to a model-specific register, which allows guest OS users to cause a denial of service (host OS crash) by leveraging guest OS privileges, related to the wrmsr_interception function in arch/x86/kvm/svm.c and the handle_wrmsr function in arch/x86/kvm/vmx.c.

debian логотип

CVE-2014-3610

CVSS3: 5.5
debian
больше 10 лет назад

The WRMSR processing functionality in the KVM subsystem in the Linux k ...

github логотип

GHSA-f8g7-wvf8-qh5r

CVSS3: 5.5
github
около 3 лет назад

The WRMSR processing functionality in the KVM subsystem in the Linux kernel through 3.17.2 does not properly handle the writing of a non-canonical address to a model-specific register, which allows guest OS users to cause a denial of service (host OS crash) by leveraging guest OS privileges, related to the wrmsr_interception function in arch/x86/kvm/svm.c and the handle_wrmsr function in arch/x86/kvm/vmx.c.

oracle-oval логотип

ELSA-2015-0869

oracle-oval
около 10 лет назад

ELSA-2015-0869: kvm security update (IMPORTANT)

5.5 Medium

CVSS2