Vulnerability Name: CVE-2014-8480 (CCN-97750)
Assigned: 2014-10-24
Published: 2014-10-24
Updated: 2016-11-28
Summary: The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 lacks intended decoder-table flags for certain RIP-relative instructions, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a crafted application.
CVSS v3 Severity: 7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS v2 Severity: 4.9 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C)
  3.7 Low (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
  5.8 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
Vulnerability Type: CWE-399
Vulnerability Consequences: Denial of Service
References:
  Source: MITRE Type: CNA CVE-2014-8480
  Source: CONFIRM Type: Exploit http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=3f6f1480d86bf9fc16c160d803ab1d006e3058d5
  Source: CCN Type: oss-security Mailing List, Fri, 24 Oct 2014 03:48:32 -0400 (EDT) Re: CVE Request: Linux 3.17 guest-triggerable KVM OOPS
  Source: MLIST Type: UNKNOWN [kvm] 20141013 [PATCH 0/2] KVM: x86: Fixing clflush/hint_nop/prefetch
  Source: CCN Type: The Linux Kernel Archives Web site The Linux Kernel Archives
  Source: MLIST Type: Exploit [oss-security] 20141023 CVE Request: Linux 3.17 guest-triggerable KVM OOPS
  Source: BID Type: UNKNOWN 70710
  Source: CCN Type: BID-70710 Linux Kernel KVM CVE-2014-8480 Denial of Service Vulnerability
  Source: CONFIRM Type: UNKNOWN https://bugzilla.redhat.com/show_bug.cgi?id=1156615
  Source: XF Type: UNKNOWN linux-kernel-cve20148480-dos(97750)
  Source: CONFIRM Type: Exploit https://github.com/torvalds/linux/commit/3f6f1480d86bf9fc16c160d803ab1d006e3058d5
  Source: CCN Type: WhiteSource Vulnerability Database CVE-2014-8480
Vulnerable Configuration: Configuration 1: Configuration CCN 1: Denotes that component is vulnerable