CVE-2014-3611

Published: 21 Oct 2014
Source: redhat
CVSS2: 5.5
EPSS: Low

Description

Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a denial of service (host OS crash) by leveraging incorrect PIT emulation.

A race condition flaw was found in the way the Linux kernel's KVM subsystem handled PIT (Programmable Interval Timer) emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host.

Report

This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6 and 7. This issue does affect the kvm packages as shipped with Red Hat Enterprise Linux 5. Future updates may address this issue in the respective Red Hat Enterprise Linux releases.

Affected packages

| Platform | Package | State | Advisory | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kvm | Affected | | |
| Red Hat Enterprise Linux 5 | kvm | Fixed | RHSA-2015:0869 | 22.04.2015 |
| Red Hat Enterprise Linux 6 | kernel | Fixed | RHSA-2014:1843 | 11.11.2014 |
| Red Hat Enterprise Linux 6.5 Extended Update Support | kernel | Fixed | RHSA-2015:0284 | 03.03.2015 |
| Red Hat Enterprise Linux 7 | kernel | Fixed | RHSA-2014:1724 | 28.10.2014 |
| RHEV 3.X Hypervisor and Agents for RHEL-6 | rhev-hypervisor6 | Fixed | RHSA-2015:0126 | 04.02.2015 |


Additional information

Status: Important
Defect: CWE-362
https://bugzilla.redhat.com/show_bug.cgi?id=1144878 kernel: kvm: PIT timer race condition

EPSS: 0.00041 (Low), percentile: 12%

CVSS2: 5.5 Medium

Related vulnerabilities

CVSS3: 4.7
ubuntu
more than 10 years ago

Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a denial of service (host OS crash) by leveraging incorrect PIT emulation.

CVSS3: 4.7
nvd
more than 10 years ago

Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a denial of service (host OS crash) by leveraging incorrect PIT emulation.

CVSS3: 4.7
debian
more than 10 years ago

Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm ...

CVSS3: 4.7
github
about 3 years ago

Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a denial of service (host OS crash) by leveraging incorrect PIT emulation.

oracle-oval
about 10 years ago

ELSA-2015-0869: kvm security update (IMPORTANT)
