CVE-2014-8134

Опубликовано: 05 дек. 2014

Источник: redhat

CVSS2: 1.9

Описание

The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirt_enabled setting for KVM guest kernels, which makes it easier for guest OS users to bypass the ASLR protection mechanism via a crafted application that reads a 16-bit value.

It was found that the espfix functionality does not work for 32-bit KVM paravirtualized guests. A local, unprivileged guest user could potentially use this flaw to leak kernel stack addresses.

Отчет

This issue did not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 7, and Red Hat Enterprise Linux MRG 2.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 5	kernel	Not affected
Red Hat Enterprise Linux 7	kernel	Not affected
Red Hat Enterprise MRG 2	kernel	Not affected
Red Hat Enterprise Linux 6	kernel	Fixed	RHSA-2016:0855	10.05.2016

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

https://bugzilla.redhat.com/show_bug.cgi?id=1172765kernel: x86: espfix not working for 32-bit KVM paravirt guests

1.9 Low

CVSS2

Связанные уязвимости

CVE-2014-8134

CVSS3: 3.3

ubuntu

больше 10 лет назад

CVE-2014-8134

CVSS3: 3.3

nvd

больше 10 лет назад

CVE-2014-8134

CVSS3: 3.3

debian

больше 10 лет назад

The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux ...

GHSA-m3qc-7rv2-p8pm

CVSS3: 3.3

github

около 3 лет назад

ELSA-2015-3012

oracle-oval

больше 10 лет назад

ELSA-2015-3012: Unbreakable Enterprise kernel security and bugfix update (IMPORTANT)

1.9 Low

CVSS2