CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:A/AC:H/Au:S/C:N/I:N/A:C
EPSS
Percentile
61.1%
The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel
through 3.16.1 miscalculates the number of pages during the handling of a
mapping failure, which allows guest OS users to (1) cause a denial of
service (host OS memory corruption) or possibly have unspecified other
impact by triggering a large gfn value or (2) cause a denial of service
(host OS memory consumption) by triggering a small gfn value that leads to
permanently pinned pages.
Author | Note |
---|---|
jdstrand | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support |
git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=350b8bdd689cd2ab2c67c8a86a0be86cfa0751a7
launchpad.net/bugs/cve/CVE-2014-3601
nvd.nist.gov/vuln/detail/CVE-2014-3601
security-tracker.debian.org/tracker/CVE-2014-3601
ubuntu.com/security/notices/USN-2356-1
ubuntu.com/security/notices/USN-2357-1
ubuntu.com/security/notices/USN-2358-1
ubuntu.com/security/notices/USN-2359-1
www.cve.org/CVERecord?id=CVE-2014-3601