CVE-2014-3645

Published: Nov 10, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.12 does not have an exit handler for the INVEPT instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://bugzilla.redhat.com/show_bug.cgi?id=1144835

x_refsource_CONFIRM

USN-2418-1

vendor-advisory

x_refsource_UBUNTU

USN-2417-1

vendor-advisory

x_refsource_UBUNTU

DSA-3060

vendor-advisory

x_refsource_DEBIAN

https://github.com/torvalds/linux/commit/bfd0a56b90005f8c8a004baf407ad90045c2b11e

x_refsource_CONFIRM

RHSA-2015:0284

vendor-advisory

x_refsource_REDHAT

[oss-security] 20141024 kvm issues

mailing-list

x_refsource_MLIST

RHSA-2015:0126

vendor-advisory

x_refsource_REDHAT

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bfd0a56b90005f8c8a004baf407ad90045c2b11e

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2014-3645

Description

Affected Products

References