CVE-2014-3690

 

Published at: - 10-11-2014 12:55

Last modified: - 21-09-2022 08:44

Total changes: - 3

Description

arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which allows host OS users to kill arbitrary processes or cause a denial of service (system disruption) by leveraging /dev/kvm access, as demonstrated by PR_SET_TSC prctl calls within a modified copy of QEMU.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

 

Verification logic

 

Reference

• https://github.com/torvalds/linux/commit/d974baa398f34393db76be45f7d4d04fbdbb4a0a
• http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d974baa398f34393db76be45f7d4d04fbdbb4a0a
• [oss-security] 20141021 CVE-2014-3690: KVM DoS triggerable by malicious host userspace-Mailing List, Patch, Third Party Advisory
• https://bugzilla.redhat.com/show_bug.cgi?id=1153322
• http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.2
• [oss-security] 20141029 Re: CVE-2014-3690: KVM DoS triggerable by malicious host userspace-Mailing List, Patch, Third Party Advisory
• USN-2421-1-Third Party Advisory
• USN-2419-1-Third Party Advisory
• USN-2420-1-Third Party Advisory
• USN-2418-1-Third Party Advisory
• USN-2417-1-Third Party Advisory
• DSA-3060-Third Party Advisory
• 70691-Third Party Advisory, VDB Entry
• 60174-Broken Link
• SUSE-SU-2015:0178-Mailing List, Third Party Advisory
• SUSE-SU-2015:0481-Mailing List, Third Party Advisory
• RHSA-2015:0290-Third Party Advisory
• MDVSA-2015:058-Broken Link
• openSUSE-SU-2015:0566-Mailing List, Third Party Advisory
• RHSA-2015:0782-Third Party Advisory
• SUSE-SU-2015:0736-Mailing List, Third Party Advisory
• RHSA-2015:0864-Third Party Advisory

 

Keywords

NVD

 

CVE-2014-3690

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures