CVE-2014-8134

CVSS v3.1 3.3 (Low)

CVSS v2.0 1.9 (Low)

EPSS 0.16 % (53^th)

Affected Products 6

Advisories 38

The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirt_enabled setting for KVM guest kernels, which makes it easier for guest OS users to bypass the ASLR protection mechanism via a crafted application that reads a 16-bit value.

Weaknesses

CWE-NVD-noinfo

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2014-12-12 18:59:03
(9 years ago)
Updated Date: 2023-02-13 00:43:29
(19 months ago)

Affected Products

Canonical

Ubuntu Linux

Linux

Linux Kernel

Opensuse

Oracle

Linux

Suse

Suse Linux Enterprise Server

Configuration #1

		CPE23	From	Up To
	Linux Kernel 3.18 and prior versions	cpe:2.3:o:linux:linux_kernel		<= 3.18

Configuration #2

		CPE23	From	Up To
	Canonical Ubuntu Linux 12.04	cpe:2.3:o:canonical:ubuntu_linux:12.04:::*:esm
	Canonical Ubuntu Linux 14.04	cpe:2.3:o:canonical:ubuntu_linux:14.04:::*:esm
	Canonical Ubuntu Linux 16.04	cpe:2.3:o:canonical:ubuntu_linux:16.04:::*:lts

Configuration #3

		CPE23	From	Up To
	Opensuse Evergreen 11.4	cpe:2.3:o:opensuse:evergreen:11.4
	Opensuse 13.1	cpe:2.3:o:opensuse:opensuse:13.1
	Suse Linux Enterprise Server 11 SP2	cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp2:::ltss

Configuration #4

		CPE23	From	Up To
	Oracle Linux 6	cpe:2.3:o:oracle:linux:6:-