Search Results (Refine Search)
- CPE Product Version: cpe:/o:linux:linux_kernel:2.2.27:rc1
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2014-8481 |
The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 does not properly handle invalid instructions, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a crafted application that triggers (1) an improperly fetched instruction or (2) an instruction that occupies too many bytes. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-8480. Published: November 10, 2014; 6:55:09 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2014-8480 |
The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 lacks intended decoder-table flags for certain RIP-relative instructions, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a crafted application. Published: November 10, 2014; 6:55:09 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 4.9 MEDIUM |