CVE-2014-3611

Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a denial of service (host OS crash) by leveraging incorrect PIT emulation.

CVSS v3 4.7 MEDIUM
CVSS v2.0 4.7 MEDIUM

4.7^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.0 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

4.7^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:M/Au:N/C:N/I:N/A:C

Exploitability : 3.4 / Impact : 6.9

Access Vector LOCAL

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2febc839133280d5a5e8e1179c94ea674489dae2
http://rhn.redhat.com/errata/RHSA-2015-0126.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-0284.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-0869.html	Third Party Advisory
http://www.debian.org/security/2014/dsa-3060	Third Party Advisory
http://www.openwall.com/lists/oss-security/2014/10/24/9	Mailing List Patch Third Party Advisory
http://www.ubuntu.com/usn/USN-2394-1	Third Party Advisory
http://www.ubuntu.com/usn/USN-2417-1	Third Party Advisory
http://www.ubuntu.com/usn/USN-2418-1	Third Party Advisory
http://www.ubuntu.com/usn/USN-2491-1	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1144878	Issue Tracking Patch Third Party Advisory
https://github.com/torvalds/linux/commit/2febc839133280d5a5e8e1179c94ea674489dae2	Patch Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*

Configuration 3 (hide)

OR	cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::
	cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::

Configuration 4 (hide)

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

History

13 Feb 2023, 00:41

Type	Values Removed	Values Added
References	~~{'url': 'https://access.redhat.com/errata/RHSA-2014:1724', 'name': 'https://access.redhat.com/errata/RHSA-2014:1724', 'tags': [], 'refsource': 'MISC'}~~ ~~{'url': 'https://access.redhat.com/security/cve/CVE-2014-3611', 'name': 'https://access.redhat.com/security/cve/CVE-2014-3611', 'tags': [], 'refsource': 'MISC'}~~ ~~{'url': 'https://access.redhat.com/errata/RHSA-2015:0284', 'name': 'https://access.redhat.com/errata/RHSA-2015:0284', 'tags': [], 'refsource': 'MISC'}~~ ~~{'url': 'https://access.redhat.com/errata/RHSA-2015:0126', 'name': 'https://access.redhat.com/errata/RHSA-2015:0126', 'tags': [], 'refsource': 'MISC'}~~ ~~{'url': 'https://access.redhat.com/errata/RHSA-2014:1843', 'name': 'https://access.redhat.com/errata/RHSA-2014:1843', 'tags': [], 'refsource': 'MISC'}~~ ~~{'url': 'https://access.redhat.com/errata/RHSA-2015:0869', 'name': 'https://access.redhat.com/errata/RHSA-2015:0869', 'tags': [], 'refsource': 'MISC'}~~
Summary	A race condition flaw was found in the way the Linux kernel's KVM subsystem handled PIT (Programmable Interval Timer) emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host.	Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a denial of service (host OS crash) by leveraging incorrect PIT emulation.

02 Feb 2023, 20:17

Type	Values Removed	Values Added
Summary	Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a denial of service (host OS crash) by leveraging incorrect PIT emulation.	A race condition flaw was found in the way the Linux kernel's KVM subsystem handled PIT (Programmable Interval Timer) emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host.
References	{'url': 'http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2febc839133280d5a5e8e1179c94ea674489dae2', 'name': 'http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2febc839133280d5a5e8e1179c94ea674489dae2', 'tags': ['Mailing List', 'Patch', 'Vendor Advisory'], 'refsource': 'CONFIRM'}	(MISC) https://access.redhat.com/errata/RHSA-2014:1724 - (MISC) http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2febc839133280d5a5e8e1179c94ea674489dae2 - (MISC) https://access.redhat.com/security/cve/CVE-2014-3611 - (MISC) https://access.redhat.com/errata/RHSA-2015:0284 - (MISC) https://access.redhat.com/errata/RHSA-2015:0126 - (MISC) https://access.redhat.com/errata/RHSA-2014:1843 - (MISC) https://access.redhat.com/errata/RHSA-2015:0869 -

Information

Published : 2014-11-10 11:55

Updated : 2023-12-10 11:31

NVD link : CVE-2014-3611

Mitre link : CVE-2014-3611

CVE.ORG link : CVE-2014-3611

JSON object : View

Products Affected

linux

linux_kernel

debian

debian_linux

redhat

enterprise_linux

canonical

ubuntu_linux

CWE

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

4.7 /10

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

4.7 /10

Access Vector LOCAL

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

JSON object

Attach tags to CVE-2014-3611

4.7^/10

4.7^/10

Attach tags to `CVE-2014-3611`