CVE-2014-3647

2014-10-23T00:00:00
ID UB:CVE-2014-3647
Type ubuntucve
Reporter ubuntu.com
Modified 2014-10-23T00:00:00

Description

arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application. A guest user with access to I/O or MMIO region can use this flaw to crash the guest.

Bugs

  • <https://launchpad.net/bugs/1384545>

Notes

Author| Note
---|---
jdstrand | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support CVE disclosure was part of miscoordinated CRD (various (incomplete) commits were publicly leaked by other vendors and upstream before the embargo was lifted). Updates for linux on Ubuntu 14.04 LTS were made available to users on 2014/10/28 but due to a process error, USN publication did not happen until 2014/10/30. Updates for linux-lts-trusty on Ubuntu 12.04 LTS were made available to users on 2014/10/29 but due to a process error, USN publication did not happen until 2014/10/30. Updates for linux on Ubuntu 14.10 were made available to users on 2014/10/28 but due to a process error, USN publication did not happen until 2014/10/31.