ALT-PU-2014-1389-1 — kernel-src-kvm

BDU:2014-00055

HIGH7.4

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании, повысить свои привилегии или выполнить произвольный код

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0HIGH 7.4

CVSS:2.0/AV:A/AC:M/Au:S/C:C/I:C/A:C

References

CVE-2014-0049

BDU:2014-00094

HIGH7.2

Уязвимость операционной системы Linux, позволяющая злоумышленнику повысить свои привилегии

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2013-4587

BDU:2014-00095

MEDIUM5.7

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании

Published: 2016-07-05Modified: 2026-04-30

CVSS 2.0MEDIUM 5.7

CVSS:2.0/AV:A/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-6367

CVE-2013-4587

HIGH7.2

Array index error in the kvm_vm_ioctl_create_vcpu function in virt/kvm/kvm_main.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value.

Published: 2013-12-14Modified: 2026-04-29

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2013-6367

MEDIUM5.7

The apic_get_tmcct function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via crafted modifications of the TMICT value.

Published: 2013-12-14Modified: 2026-04-29

CVSS 2.0MEDIUM 5.7

CVSS:2.0/AV:A/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-6368

MEDIUM6.2

The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service (system crash) via a VAPIC synchronization operation involving a page-end address.

Published: 2013-12-14Modified: 2026-04-29

CVSS 2.0MEDIUM 6.2

CVSS:2.0/AV:L/AC:H/Au:N/C:C/I:C/A:C

References

CVE-2013-6376

MEDIUM5.2

The recalculate_apic_map function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (host OS crash) via a crafted ICR write operation in x2apic mode.

Published: 2013-12-14Modified: 2026-04-29

CVSS 2.0MEDIUM 5.2

CVSS:2.0/AV:A/AC:M/Au:S/C:N/I:N/A:C

References

CVE-2014-0049

HIGH7.4

Buffer overflow in the complete_emulated_mmio function in arch/x86/kvm/x86.c in the Linux kernel before 3.13.6 allows guest OS users to execute arbitrary code on the host OS by leveraging a loop that triggers an invalid memory copy affecting certain cancel_work_item data.

Published: 2014-03-11Modified: 2025-04-12

CVSS 2.0HIGH 7.4

CVSS:2.0/AV:A/AC:M/Au:S/C:C/I:C/A:C

References

Package update kernel-src-kvm in branch c7

Closed issues (8)

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании, повысить свои привилегии или выполнить произвольный код

Уязвимость операционной системы Linux, позволяющая злоумышленнику повысить свои привилегии

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании

Array index error in the kvm_vm_ioctl_create_vcpu function in virt/kvm/kvm_main.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value.

The apic_get_tmcct function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via crafted modifications of the TMICT value.

The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service (system crash) via a VAPIC synchronization operation involving a page-end address.

The recalculate_apic_map function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (host OS crash) via a crafted ICR write operation in x2apic mode.

Buffer overflow in the complete_emulated_mmio function in arch/x86/kvm/x86.c in the Linux kernel before 3.13.6 allows guest OS users to execute arbitrary code on the host OS by leveraging a loop that triggers an invalid memory copy affecting certain cancel_work_item data.