Lucene search

[email protected]CVE-2014-8480

HistoryNov 10, 2014 - 11:55 a.m.

CVE-2014-8480

2014-11-1011:55:00

CWE-399

[email protected]

web.nvd.nist.gov

cve-2014-8480

linux kernel

kvm

denial of service

vulnerability

security advisory

6.7 Medium

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

45.9%

JSON

The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 lacks intended decoder-table flags for certain RIP-relative instructions, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a crafted application.

CPENameOperatorVersion
linux:linux_kernellinux linux kernelle3.18

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	le	3.18

References

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3f6f1480d86bf9fc16c160d803ab1d006e3058d5

thread.gmane.org/gmane.comp.emulators.kvm.devel/128427

www.openwall.com/lists/oss-security/2014/10/23/7

www.securityfocus.com/bid/70710

bugzilla.redhat.com/show_bug.cgi?id=1156615

github.com/torvalds/linux/commit/3f6f1480d86bf9fc16c160d803ab1d006e3058d5

6.7 Medium

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

45.9%

JSON

Related for CVE-2014-8480

debiancve2 ubuntucve2 prion2 cve1 nessus4 archlinux1 fedora1 openvas2