arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel through 3.17.2 does not have an exit handler for the INVVPID instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
History
13 Feb 2023, 00:41
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel through 3.17.2 does not have an exit handler for the INVVPID instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application. |
02 Feb 2023, 15:16
Type | Values Removed | Values Added |
---|---|---|
Summary | It was found that the Linux kernel's KVM subsystem did not handle the VM exits gracefully for the invvpid (Invalidate Translations Based on VPID) instructions. On hosts with an Intel processor and invppid VM exit support, an unprivileged guest user could use these instructions to crash the guest. | |
References |
|
|
Information
Published : 2014-11-10 11:55
Updated : 2023-12-10 11:31
NVD link : CVE-2014-3646
Mitre link : CVE-2014-3646
CVE.ORG link : CVE-2014-3646
JSON object : View
Products Affected
opensuse
- evergreen
debian
- debian_linux
redhat
- enterprise_linux
suse
- suse_linux_enterprise_server
linux
- linux_kernel
canonical
- ubuntu_linux
CWE