CVE-2014-3646

EPSS 0.1%
Veröffentlicht 10.11.2014 11:55:06
Zuletzt bearbeitet 06.05.2026 22:30:45
Quelle secalert@redhat.com
CVE-Watchlists
Login
Unerledigt
Login

arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel through 3.17.2 does not have an exit handler for the INVVPID instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 15

NVD 6 VulnDex Vulnerability Enrichment 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version <= 3.17.2

Redhat ≫ Enterprise Linux Version5.0

Canonical ≫ Ubuntu Linux Version12.04 SwEditionesm

Debian ≫ Debian Linux Version7.0

Opensuse ≫ Evergreen Version11.4

Suse ≫ Suse Linux Enterprise Server Version11 Updatesp2 SwEditionltss

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.1%	0.283

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
nvd@nist.gov	4.7	3.4	6.9	AV:L/AC:M/Au:N/C:N/I:N/A:C

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html

Third Party Advisory

Mailing List

http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html

Third Party Advisory

Mailing List

http://rhn.redhat.com/errata/RHSA-2015-0284.html

Third Party Advisory

http://www.ubuntu.com/usn/USN-2417-1

Third Party Advisory

http://www.ubuntu.com/usn/USN-2418-1

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2015-0126.html

Third Party Advisory

http://www.ubuntu.com/usn/USN-2394-1

Third Party Advisory

http://www.debian.org/security/2014/dsa-3060

Third Party Advisory

http://www.openwall.com/lists/oss-security/2014/10/24/9

Patch

Third Party Advisory

Mailing List

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a642fc305053cc1c6e47e4f4df327895747ab485

https://bugzilla.redhat.com/show_bug.cgi?id=1144825

Patch

Third Party Advisory

Issue Tracking

https://github.com/torvalds/linux/commit/a642fc305053cc1c6e47e4f4df327895747ab485

Patch

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2014-3646

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-3646

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-3646

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2014-3646