Search Results (Refine Search)
- CPE Product Version: cpe:/o:linux:linux_kernel:3.14.3
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2014-7842 |
Race condition in arch/x86/kvm/x86.c in the Linux kernel before 3.17.4 allows guest OS users to cause a denial of service (guest OS crash) via a crafted application that performs an MMIO transaction or a PIO transaction to trigger a guest userspace emulation error report, a similar issue to CVE-2010-5313. Published: November 29, 2014; 8:59:04 PM -0500 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2014-7841 |
The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk. Published: November 29, 2014; 8:59:03 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2014-3688 |
The SCTP implementation in the Linux kernel before 3.17.4 allows remote attackers to cause a denial of service (memory consumption) by triggering a large number of chunks in an association's output queue, as demonstrated by ASCONF probes, related to net/sctp/inqueue.c and net/sctp/sm_statefuns.c. Published: November 29, 2014; 8:59:02 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2014-8559 |
The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application. Published: November 10, 2014; 6:55:09 AM -0500 |
V3.1: 5.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2014-8481 |
The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 does not properly handle invalid instructions, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a crafted application that triggers (1) an improperly fetched instruction or (2) an instruction that occupies too many bytes. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-8480. Published: November 10, 2014; 6:55:09 AM -0500 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2014-8480 |
The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 lacks intended decoder-table flags for certain RIP-relative instructions, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a crafted application. Published: November 10, 2014; 6:55:09 AM -0500 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2014-8369 |
The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact by leveraging guest OS privileges. NOTE: this vulnerability exists because of an incorrect fix for CVE-2014-3601. Published: November 10, 2014; 6:55:08 AM -0500 |
V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2014-7826 |
kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the ftrace subsystem, which allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via a crafted application. Published: November 10, 2014; 6:55:08 AM -0500 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2014-7825 |
kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the perf subsystem, which allows local users to cause a denial of service (out-of-bounds read and OOPS) or bypass the ASLR protection mechanism via a crafted application. Published: November 10, 2014; 6:55:08 AM -0500 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2014-3690 |
arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which allows host OS users to kill arbitrary processes or cause a denial of service (system disruption) by leveraging /dev/kvm access, as demonstrated by PR_SET_TSC prctl calls within a modified copy of QEMU. Published: November 10, 2014; 6:55:07 AM -0500 |
V3.1: 5.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2014-3687 |
The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpreter. Published: November 10, 2014; 6:55:06 AM -0500 |
V3.1: 7.5 HIGH V2.0: 7.8 HIGH |
CVE-2014-3673 |
The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a malformed ASCONF chunk, related to net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c. Published: November 10, 2014; 6:55:06 AM -0500 |
V3.1: 7.5 HIGH V2.0: 7.8 HIGH |
CVE-2014-3647 |
arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application. Published: November 10, 2014; 6:55:06 AM -0500 |
V3.1: 5.5 MEDIUM V2.0: 1.9 LOW |
CVE-2014-3646 |
arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel through 3.17.2 does not have an exit handler for the INVVPID instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application. Published: November 10, 2014; 6:55:06 AM -0500 |
V3.1: 5.5 MEDIUM V2.0: 4.7 MEDIUM |
CVE-2014-3611 |
Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a denial of service (host OS crash) by leveraging incorrect PIT emulation. Published: November 10, 2014; 6:55:06 AM -0500 |
V3.1: 4.7 MEDIUM V2.0: 4.7 MEDIUM |
CVE-2014-3610 |
The WRMSR processing functionality in the KVM subsystem in the Linux kernel through 3.17.2 does not properly handle the writing of a non-canonical address to a model-specific register, which allows guest OS users to cause a denial of service (host OS crash) by leveraging guest OS privileges, related to the wrmsr_interception function in arch/x86/kvm/svm.c and the handle_wrmsr function in arch/x86/kvm/vmx.c. Published: November 10, 2014; 6:55:06 AM -0500 |
V3.1: 5.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2014-8086 |
Race condition in the ext4_file_write_iter function in fs/ext4/file.c in the Linux kernel through 3.17 allows local users to cause a denial of service (file unavailability) via a combination of a write action and an F_SETFL fcntl operation for the O_DIRECT flag. Published: October 13, 2014; 6:55:09 AM -0400 |
V3.1: 4.7 MEDIUM V2.0: 4.7 MEDIUM |
CVE-2014-7975 |
The do_umount function in fs/namespace.c in the Linux kernel through 3.17 does not require the CAP_SYS_ADMIN capability for do_remount_sb calls that change the root filesystem to read-only, which allows local users to cause a denial of service (loss of writability) by making certain unshare system calls, clearing the / MNT_LOCKED flag, and making an MNT_FORCE umount system call. Published: October 13, 2014; 6:55:09 AM -0400 |
V3.1: 5.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2014-7970 |
The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of service (mount-tree loop) via . (dot) values in both arguments to the pivot_root system call. Published: October 13, 2014; 6:55:08 AM -0400 |
V3.1: 5.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2014-7284 |
The net_get_random_once implementation in net/core/utils.c in the Linux kernel 3.13.x and 3.14.x before 3.14.5 on certain Intel processors does not perform the intended slow-path operation to initialize random seeds, which makes it easier for remote attackers to spoof or disrupt IP communication by leveraging the predictability of TCP sequence numbers, TCP and UDP port numbers, and IP ID values. Published: October 13, 2014; 6:55:08 AM -0400 |
V3.x:(not available) V2.0: 6.4 MEDIUM |