CVE - CVE-2014-8480

CVE-ID
CVE-2014-8480	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 lacks intended decoder-table flags for certain RIP-relative instructions, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a crafted application.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MLIST:[kvm] 20141013 [PATCH 0/2] KVM: x86: Fixing clflush/hint_nop/prefetch URL:http://thread.gmane.org/gmane.comp.emulators.kvm.devel/128427 MLIST:[oss-security] 20141023 CVE Request: Linux 3.17 guest-triggerable KVM OOPS URL:http://www.openwall.com/lists/oss-security/2014/10/23/7 CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=3f6f1480d86bf9fc16c160d803ab1d006e3058d5 CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1156615 CONFIRM:https://github.com/torvalds/linux/commit/3f6f1480d86bf9fc16c160d803ab1d006e3058d5 BID:70710 URL:http://www.securityfocus.com/bid/70710
Assigning CNA
N/A
Date Entry Created
20141024	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20141024)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org