2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
25.6%
arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.12
does not have an exit handler for the INVEPT instruction, which allows
guest OS users to cause a denial of service (guest OS crash) via a crafted
application.
A local unprivileged guest user could use this flaw to crash the
guest.
Author | Note |
---|---|
jdstrand | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support |