4.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
kernel is vulnerable to denial of service. It was found that reporting emulation failures to user space could lead to either a local (CVE-2014-7842) or a L2->L1
(CVE-2010-5313) denial of service. In the case of a local denial of service, an attacker must have access to the MMIO area or be able to access an I/O port. Please note that on certain systems, HPET is mapped to userspace as part of vdso (vvar) and thus an unprivileged user may generate MMIO transactions (and enter the emulator) this way.
git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a2b9e6c1a35afcc0973acb72e591c714e78885ff
git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a2b9e6c1a35afcc0973acb72e591c714e78885ff
lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html
lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html
rhn.redhat.com/errata/RHSA-2016-0855.html
secunia.com/advisories/62305
secunia.com/advisories/62326
secunia.com/advisories/62336
www.openwall.com/lists/oss-security/2014/11/13/7
www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
www.securityfocus.com/bid/71078
access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.8_Release_Notes/index.html
access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.8_Technical_Notes/index.html
access.redhat.com/security/cve/CVE-2016-3841
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1066751
bugzilla.redhat.com/show_bug.cgi?id=1163762
bugzilla.redhat.com/show_bug.cgi?id=1197875
bugzilla.redhat.com/show_bug.cgi?id=1225359
bugzilla.redhat.com/show_bug.cgi?id=1242239
bugzilla.redhat.com/show_bug.cgi?id=1248507
bugzilla.redhat.com/show_bug.cgi?id=1254020
bugzilla.redhat.com/show_bug.cgi?id=1259870
bugzilla.redhat.com/show_bug.cgi?id=1310661
bugzilla.redhat.com/show_bug.cgi?id=697750
bugzilla.redhat.com/show_bug.cgi?id=723722
bugzilla.redhat.com/show_bug.cgi?id=889368
github.com/torvalds/linux/commit/a2b9e6c1a35afcc0973acb72e591c714e78885ff
rhn.redhat.com/errata/RHSA-2016-0855.html
www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.4