BDU:2015-04307

Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Severity: CRITICAL (10.0) Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

References:

Published: 2015-04-28
Modified: 2016-11-28

BDU:2015-04308

Severity: CRITICAL (10.0) Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

References:

Published: 2015-04-28
Modified: 2016-11-28

BDU:2015-04309

Severity: CRITICAL (10.0) Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

References:

Published: 2015-04-28
Modified: 2016-11-28

BDU:2015-04310

Severity: CRITICAL (10.0) Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

References:

Published: 2014-04-14
Modified: 2025-04-12

CVE-2014-0155

The ioapic_deliver function in virt/kvm/ioapic.c in the Linux kernel through 3.14.1 does not properly validate the kvm_irq_delivery_to_apic return value, which allows guest OS users to cause a denial of service (host OS crash) via a crafted entry in the redirection table of an I/O APIC. NOTE: the affected code was moved to the ioapic_service function before the vulnerability was announced.

Severity: MEDIUM (5.5) Vector: AV:A/AC:L/Au:S/C:N/I:N/A:C

References:

Version: 2.1.2

Package kernel-src-kvm update in sisyphus on 2014-05-13

ALT-PU-2014-1617-1

Closed vulnerabilities

BDU:2015-04307

BDU:2015-04308

BDU:2015-04309

BDU:2015-04310

CVE-2014-0155