CVE-2014-3690

2014-11-1000:00:00

ubuntu.com

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

27.0%

JSON

arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2
on Intel processors does not ensure that the value in the CR4 control
register remains the same after a VM entry, which allows host OS users to
kill arbitrary processes or cause a denial of service (system disruption)
by leveraging /dev/kvm access, as demonstrated by PR_SET_TSC prctl calls
within a modified copy of QEMU.

Bugs

<https://launchpad.net/bugs/1388970>

Notes

Author	Note
jdstrand	android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support

OSVersionArchitecturePackageVersionFilename
ubuntu12.04noarchlinux< 3.2.0-72.107UNKNOWN
ubuntu14.04noarchlinux< 3.13.0-40.69UNKNOWN
ubuntu14.10noarchlinux< 3.16.0-25.33UNKNOWN
ubuntu12.04noarchlinux-armadaxp< 3.2.0-1641.59UNKNOWN
ubuntu12.04noarchlinux-lts-trusty< 3.13.0-40.69~precise1UNKNOWN
ubuntu12.04noarchlinux-ti-omap4< 3.2.0-1456.76UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	12.04	noarch	linux	< 3.2.0-72.107	UNKNOWN
ubuntu	14.04	noarch	linux	< 3.13.0-40.69	UNKNOWN
ubuntu	14.10	noarch	linux	< 3.16.0-25.33	UNKNOWN
ubuntu	12.04	noarch	linux-armadaxp	< 3.2.0-1641.59	UNKNOWN
ubuntu	12.04	noarch	linux-lts-trusty	< 3.13.0-40.69~precise1	UNKNOWN
ubuntu	12.04	noarch	linux-ti-omap4	< 3.2.0-1456.76	UNKNOWN