CVE-2014-3690
CVSS v3.1
5.5 (Medium)
CVSS v2.0
4.9 (Medium)
EPSS
0.06 % (28th)
Affected Products
10
Advisories
29
arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which allows host OS users to kill arbitrary processes or cause a denial of service (system disruption) by leveraging /dev/kvm access, as demonstrated by PR_SET_TSC prctl calls within a modified copy of QEMU.
Weaknesses
- CWE-400
- Uncontrolled Resource Consumption
- CVE Status
- PUBLISHED
- CNA
- Red Hat, Inc.
- Published Date
-
2014-11-10 11:55:07
(9 years ago) - Updated Date
-
2023-02-13 00:42:00
(19 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Configuration #4
|
Configuration #5
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...