PT-2014-5434 · Linux+3 · Linux Kernel+3

Publicado

2013-11-19

Atualizado

2023-02-13

CVE-2014-3645

CVSS v2.0

2.1

Baixa

Vetor

AV:L/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 3.12

Description The issue is related to the KVM subsystem in the Linux kernel, specifically in the arch/x86/kvm/vmx.c file. It does not have an exit handler for the INVEPT instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application. A local unprivileged guest user could use this flaw to crash the guest.

Recommendations For Linux kernel versions prior to 3.12, update to version 3.12 or later to resolve the issue. As a temporary workaround, consider restricting access to the KVM subsystem to minimize the risk of exploitation.

Exploit

Correção

DoS

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

ALT-PU-2013-1133

ALT-PU-2014-1422

CESA-2014_1724

CESA-2014_1843

CVE-2014-3645

DSA-3060-1

RHSA-2014:1724

RHSA-2014:1843

RHSA-2014_1724

RHSA-2014_1843

RHSA-2015:0126

RHSA-2015:0284

USN-2417-1

USN-2418-1

Produtos afetados

Alt Linux

Centos

Linux Kernel

Red Hat

PT-2014-5434 · Linux+3 · Linux Kernel+3

CVE-2014-3645

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 22