The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 does not properly handle invalid instructions, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a crafted application that triggers (1) an improperly fetched instruction or (2) an instruction that occupies too many bytes. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-8480.
http://secunia.com/advisories/62042
http://thread.gmane.org/gmane.comp.emulators.kvm.devel/128427
http://www.openwall.com/lists/oss-security/2014/10/23/7
https://bugzilla.redhat.com/show_bug.cgi?id=1156615
https://github.com/torvalds/linux/commit/a430c9166312e1aa3d80bce32374233bdbfeba32
cpe:2.3:o:linux:linux_kernel:*:rc1:*:*:*:*:*:* versions up to 3.18 (inclusive)
ID | Name | Product | Family | Severity |
---|---|---|---|---|
124828 | EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1505) | Nessus | Huawei Local Security Checks | critical |
124807 | EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1483) | Nessus | Huawei Local Security Checks | high |
78814 | Fedora 21 : kernel-3.17.2-300.fc21 (2014-14126) | Nessus | Fedora Local Security Checks | high |