CVE-2014-3647)A flaw was discovered with the handling of the invept instruction in theKVM (Kernel Virtual Machine) subsystem of the Linux kernel. An unprivilegedguest user could exploit this flaw to cause a denial of service (systemcrash) on the guest. (CVE-2014-3646)Lars Bull reported a race condition in the PIT (programmable interrupttimer) emulation in the KVM (Kernel Virtual Machine) subsystem of the Linuxkernel. A local guest user with access to PIT i/o ports could exploit thisflaw to cause a denial of service (crash) on the host. (CVE-2014-3611)Lars Bull and Nadav Amit reported a flaw in how KVM (the Kernel VirtualMachine) handles noncanonical writes to certain MSR registers. A privilegedguest user can exploit this flaw to cause a denial of service (kernelpanic) on the host. (CVE-2014-3610)"> OVAL Reference oval:org.mitre.oval:def:28203 - CERT Civis.Net
Oval Definition:oval:org.mitre.oval:def:28203
Revision Date:2015-03-09Version:5
Title:USN-2396-1 -- Linux kernel vulnerabilities
Description:Nadav Amit reported that the KVM (Kernel Virtual Machine) mishandlesnoncanonical addresses when emulating instructions that change the rip(Instruction Pointer). A guest user with access to I/O or the MMIO can usethis flaw to cause a denial of service (system crash) of the guest.(CVE-2014-3647)A flaw was discovered with the handling of the invept instruction in theKVM (Kernel Virtual Machine) subsystem of the Linux kernel. An unprivilegedguest user could exploit this flaw to cause a denial of service (systemcrash) on the guest. (CVE-2014-3646)Lars Bull reported a race condition in the PIT (programmable interrupttimer) emulation in the KVM (Kernel Virtual Machine) subsystem of the Linuxkernel. A local guest user with access to PIT i/o ports could exploit thisflaw to cause a denial of service (crash) on the host. (CVE-2014-3611)Lars Bull and Nadav Amit reported a flaw in how KVM (the Kernel VirtualMachine) handles noncanonical writes to certain MSR registers. A privilegedguest user can exploit this flaw to cause a denial of service (kernelpanic) on the host. (CVE-2014-3610)
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2014-3610
CVE-2014-3611
CVE-2014-3646
CVE-2014-3647
USN-2396-1
Platform(s):Ubuntu 14.10
Product(s):linux
Definition Synopsis
  • Ubuntu 14.10 is installed
  • AND Packages match section
  • linux-image-3.16.0-24-powerpc-e500mc is earlier than 0:3.16.0-24.32
  • OR linux-image-3.16.0-24-powerpc64-smp is earlier than 0:3.16.0-24.32
  • OR linux-image-3.16.0-24-powerpc-smp is earlier than 0:3.16.0-24.32
  • OR linux-image-3.16.0-24-powerpc64-emb is earlier than 0:3.16.0-24.32
  • OR linux-image-3.16.0-24-lowlatency is earlier than 0:3.16.0-24.32
  • OR linux-image-3.16.0-24-generic is earlier than 0:3.16.0-24.32
  • OR linux-image-3.16.0-24-generic-lpae is earlier than 0:3.16.0-24.32
    • BACK