CVE-2014-0155
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
The ioapic_deliver function in virt/kvm/ioapic.c in the Linux kernel through 3.14.1 does not properly validate the kvm_irq_delivery_to_apic return value, which allows guest OS users to cause a denial of service (host OS crash) via a crafted entry in the redirection table of an I/O APIC. NOTE: the affected code was moved to the ioapic_service function before the vulnerability was announced.
La función ioapic_deliver en virt/kvm/ioapic.c en el kernel de Linux hasta 3.14.1 no valida debidamente el valor de vuelta kvm_irq_delivery_to_apic, lo que permite a usuarios invitados del sistema operativo causar una denegación de servicio (caída de sistema operativo anfitrión) a través de una entrada manipulada en la tabla de redirección de I/O APIC. NOTA: el código afectado fue trasladado a la función ioapic_service antes de que la vulnerabilidad fue anunciada.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2013-12-03 CVE Reserved
- 2014-04-14 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-20: Improper Input Validation
CAPEC
References (3)
URL | Tag | Source |
---|
URL | Date | SRC |
---|---|---|
http://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=5678de3f15010b9022ee45673f33bcfc71d47b60 | 2024-08-06 |
URL | Date | SRC |
---|---|---|
http://www.openwall.com/lists/oss-security/2014/04/07/2 | 2023-11-07 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1081589 | 2023-11-07 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 3.14.1 Search vendor "Linux" for product "Linux Kernel" and version " < 3.14.1" | - |
Affected
|