CVE-2014-8369
Publication date 10 November 2014
Last updated 24 July 2024
Ubuntu priority
The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact by leveraging guest OS privileges. NOTE: this vulnerability exists because of an incorrect fix for CVE-2014-3601.
From the Ubuntu Security Team
The KVM (kernel virtual machine) subsystem of the Linux kernel miscalculates the number of memory pages during the handling of a mapping failure. A guest OS user could exploit this to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact by leveraging guest OS privileges.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| linux | ||
| 14.04 LTS trusty |
Fixed 3.13.0-41.70
|
|
| linux-armadaxp | ||
| 14.04 LTS trusty | Not in release | |
| linux-ec2 | ||
| 14.04 LTS trusty | Not in release | |
| linux-flo | ||
| 14.04 LTS trusty | Not in release | |
| linux-fsl-imx51 | ||
| 14.04 LTS trusty | Not in release | |
| linux-goldfish | ||
| 14.04 LTS trusty | Not in release | |
| linux-grouper | ||
| 14.04 LTS trusty | Not in release | |
| linux-linaro-omap | ||
| 14.04 LTS trusty | Not in release | |
| linux-linaro-shared | ||
| 14.04 LTS trusty | Not in release | |
| linux-linaro-vexpress | ||
| 14.04 LTS trusty | Not in release | |
| linux-lts-quantal | ||
| 14.04 LTS trusty | Not in release | |
| linux-lts-raring | ||
| 14.04 LTS trusty | Not in release | |
| linux-lts-saucy | ||
| 14.04 LTS trusty | Not in release | |
| linux-lts-trusty | ||
| 14.04 LTS trusty | Not in release | |
| linux-lts-utopic | ||
| 14.04 LTS trusty |
Fixed 3.16.0-26.35~14.04.1
|
|
| linux-lts-vivid | ||
| 14.04 LTS trusty | Not in release | |
| linux-maguro | ||
| 14.04 LTS trusty | Not in release | |
| linux-mako | ||
| 14.04 LTS trusty | Not in release | |
| linux-manta | ||
| 14.04 LTS trusty | Not in release | |
| linux-mvl-dove | ||
| 14.04 LTS trusty | Not in release | |
| linux-qcm-msm | ||
| 14.04 LTS trusty | Not in release | |
| linux-raspi2 | ||
| 14.04 LTS trusty | Not in release | |
| linux-ti-omap4 | ||
| 14.04 LTS trusty | Not in release | |
Notes
jdstrand
android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score |
7.8 · High
|
| Attack vector | Local |
| Attack complexity | Low |
| Privileges required | Low |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | High |
| Availability impact | High |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
References
Related Ubuntu Security Notices (USN)
- USN-2445-1
- Linux kernel (Trusty HWE) vulnerabilities
- 12 December 2014
- USN-2464-1
- Linux kernel (OMAP4) vulnerabilities
- 13 January 2015
- USN-2447-1
- Linux kernel (Utopic HWE) vulnerabilities
- 12 December 2014
- USN-2448-1
- Linux kernel vulnerabilities
- 12 December 2014
- USN-2446-1
- Linux kernel vulnerabilities
- 12 December 2014
- USN-2463-1
- Linux kernel vulnerabilities
- 13 January 2015