CVE-2014-8369

CVSS v3.1 7.8 (High)

CVSS v2.0 4.6 (Medium)

EPSS 0.09 % (39^th)

Affected Products 5

Advisories 30

The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact by leveraging guest OS privileges. NOTE: this vulnerability exists because of an incorrect fix for CVE-2014-3601.

Weaknesses

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

Related CVEs

CVE-2014-3601

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2014-11-10 11:55:08
(9 years ago)
Updated Date: 2023-11-07 02:22:34
(10 months ago)

Affected Products

Suse

Configuration #1

		CPE23	From	Up To
	Linux Kernel 3.17.2 and prior versions	cpe:2.3:o:linux:linux_kernel		<= 3.17.2

Configuration #2

		CPE23	From	Up To
	Debian Linux 7.0	cpe:2.3:o:debian:debian_linux:7.0

Configuration #3

		CPE23	From	Up To
	Opensuse Evergreen 11.4	cpe:2.3:o:opensuse:evergreen:11.4
	Suse Linux Enterprise Real Time Extension 11 SP3	cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp3
	Suse Linux Enterprise Server 11 SP2	cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp2:::ltss

Weaknesses

Related CVEs

Affected Products

Debian

Linux

Opensuse

Suse

Configuration #1

Configuration #2

Configuration #3