UBUNTU-CVE-2015-5307

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service host OS panic or hang by triggering many AC aka Alignment Check exceptions, related to svm.c and vmx.c...

kernel: kvm: insufficient sysenter emulation when invoked from 16-bit code

It was found that the Linux kernel KVM subsystem's sysenter instruction emulation was not sufficient. An unprivileged guest user could use this flaw to escalate their privileges by tricking the hypervisor to emulate a SYSENTER instruction in 16-bit mode, if the guest OS did not initialize the...

kernel: kvm: noncanonical MSR writes

It was found that KVM's Write to Model Specific Register WRMSR instruction emulation would write non-canonical values passed in by the guest to certain MSRs in the host's context. A privileged guest user could use this flaw to crash the host...

kernel: kvm: vmx: invalid host cr4 handling across vm entries

It was found that the Linux kernel's KVM implementation did not ensure that the host CR4 control register value remained unchanged across VM entries on the same virtual CPU. A local, unprivileged user could use this flaw to cause a denial of service on the system...

kernel: kvm: vmx: invvpid vm exit not handled

It was found that the Linux kernel's KVM subsystem did not handle the VM exits gracefully for the invvpid Invalidate Translations Based on VPID instructions. On hosts with an Intel processor and invppid VM exit support, an unprivileged guest user could use these instructions to crash the guest...

kernel: kvm: vmx: invvpid vm exit not handled

It was found that the Linux kernel's KVM subsystem did not handle the VM exits gracefully for the invvpid Invalidate Translations Based on VPID instructions. On hosts with an Intel processor and invppid VM exit support, an unprivileged guest user could use these instructions to crash the guest...

UBUNTU-CVE-2015-0239

The emsysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the guest OS lacks SYSENTER MSR initialization, allows guest OS users to gain guest OS privileges or cause a denial of service guest OS crash by triggering use of a 16-bit code segment for emulation of a...

DEBIAN-CVE-2010-5313

Race condition in arch/x86/kvm/x86.c in the Linux kernel before 2.6.38 allows L2 guest OS users to cause a denial of service L1 guest OS crash via a crafted instruction that triggers an L2 emulation failure report, a similar issue to CVE-2014-7842...

UBUNTU-CVE-2014-7842

Race condition in arch/x86/kvm/x86.c in the Linux kernel before 3.17.4 allows guest OS users to cause a denial of service guest OS crash via a crafted application that performs an MMIO transaction or a PIO transaction to trigger a guest userspace emulation error report, a similar issue to...

kernel: kvm: PIT timer race condition

A race condition flaw was found in the way the Linux kernel's KVM subsystem handled PIT Programmable Interval Timer emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host...

kernel: kvm: vmx: invvpid vm exit not handled

It was found that the Linux kernel's KVM subsystem did not handle the VM exits gracefully for the invvpid Invalidate Translations Based on VPID instructions. On hosts with an Intel processor and invppid VM exit support, an unprivileged guest user could use these instructions to crash the guest...

DEBIAN-CVE-2014-3646

arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel through 3.17.2 does not have an exit handler for the INVVPID instruction, which allows guest OS users to cause a denial of service guest OS crash via a crafted application...

DEBIAN-CVE-2014-3611

Race condition in the kvmmigratepittimer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a denial of service host OS crash by leveraging incorrect PIT emulation...

PT-2014-5418 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 3.17.2 Description: A race condition in the kvm migrate pit timer function in the KVM subsystem allows guest OS users to cause a denial of service host OS crash by leveraging incorrect PIT emulation. A local gues...

PT-2014-5435 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 3.17.2 Description: The issue is related to the KVM subsystem in the Linux kernel, specifically in the arch/x86/kvm/vmx.c file. It does not have an exit handler for the INVVPID instruction, which allows guest OS...

UBUNTU-CVE-2014-3611

Race condition in the kvmmigratepittimer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a denial of service host OS crash by leveraging incorrect PIT emulation. A local guest user with access to the PIT i/o ports could use...

kvm: division by zero in apic_get_tmcct()

The apicgettmcct function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service divide-by-zero error and host OS crash via crafted modifications of the TMICT value...

kvm: cross page vapic_addr access

The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service system crash via a VAPIC synchronization operation involving a page-end address...

DEBIAN-CVE-2013-7130

The icreateimagesandbacking aka createimagesandbacking method in libvirt driver in OpenStack Compute Nova Grizzly, Havana, and Icehouse, when using KVM live block migration, does not properly create all expected files, which allows attackers to obtain snapshot root disk contents of other users vi...

DEBIAN-CVE-2013-6368

The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service system crash via a VAPIC synchronization operation involving a page-end address...