#VU41138 Input validation error in Linux kernel


Published: 2014-11-10 | Updated: 2020-08-10

Vulnerability identifier: #VU41138

Vulnerability risk: Medium

CVSSv3.1: 5.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2014-8369

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact by leveraging guest OS privileges. NOTE: this vulnerability exists because of an incorrect fix for CVE-2014-3601.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel: 3.0 - 3.0.68, 3.1 - 3.1.10, 3.2 - 3.2.30, 3.3 - 3.3.8, 3.4 - 3.4.79, 3.5.1 - 3.5.7, 3.6 - 3.6.11, 3.7 - 3.7.10, 3.8.0 - 3.8.13, 3.9 - 3.9.11, 3.10 - 3.10.29, 3.11 - 3.11.10, 3.12 - 3.12.17, 3.13 - 3.13.11, 3.14 - 3.14.5, 3.15 - 3.15.8, 3.16.0 - 3.16.1, 3.17 - 3.17.1

External links
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=3d32e4dbe71374a6780eaf51d719d76f9a9bf22f
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html
http://rhn.redhat.com/errata/RHSA-2015-0674.html
http://secunia.com/advisories/62326
http://secunia.com/advisories/62336
http://www.debian.org/security/2014/dsa-3093
http://www.openwall.com/lists/oss-security/2014/10/24/7
http://www.securityfocus.com/bid/70747
http://www.securityfocus.com/bid/70749
http://bugzilla.redhat.com/show_bug.cgi?id=1156518
http://github.com/torvalds/linux/commit/3d32e4dbe71374a6780eaf51d719d76f9a9bf22f
http://lkml.org/lkml/2014/10/24/460

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Input validation error in Linux kernel