CVE-2014-3601

Published: Sep 1, 2014Modified: May 6, 2026

4.3

Vector

AV:A/AC:H/Au:S/C:N/I:N/A:C

Exploitability: 2.5 / Impact: 6.9

Source: NVD

Description

The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.16.1 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to (1) cause a denial of service (host OS memory corruption) or possibly have unspecified other impact by triggering a large gfn value or (2) cause a denial of service (host OS memory consumption) by triggering a small gfn value that leads to permanently pinned pages.

Affected (8)

Products: Opensuse: Evergreen · Suse: Linux Enterprise Real Time Extension, Linux Enterprise Server, Suse Linux Enterprise Server · Canonical: Ubuntu Linux · +1 more

Show all products

Opensuse: Evergreen · Suse: Linux Enterprise Real Time Extension, Linux Enterprise Server, Suse Linux Enterprise Server · Canonical: Ubuntu Linux · Linux: Linux Kernel

1 product

3 products

Linux Enterprise Real Time Extension

Linux Enterprise Server

Suse Linux Enterprise Server

1 product

1 product

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Opensuse Evergreen	Version 11.4
Suse Linux Enterprise Real Time Extension	Version 11.0 sp3
Suse Linux Enterprise Server	Version 11 sp2
Suse Suse Linux Enterprise Server	Version 11

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 12.04
Canonical Ubuntu Linux	Version 14.04

Configuration C

2 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Up to 3.16.1
Linux Linux Kernel	Version 3.16.0

Related CWEs

References (26)

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=350b8bdd689cd2ab2c67c8a86a0be86cfa0751a7

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html

Source: secalert@redhat.com

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html

Source: secalert@redhat.com

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html

Source: secalert@redhat.com

Third Party Advisory

http://secunia.com/advisories/60830

Source: secalert@redhat.com

http://www.securityfocus.com/bid/69489

Source: secalert@redhat.com

http://www.ubuntu.com/usn/USN-2356-1

Source: secalert@redhat.com

Third Party Advisory

http://www.ubuntu.com/usn/USN-2357-1

Source: secalert@redhat.com

Third Party Advisory

http://www.ubuntu.com/usn/USN-2358-1

Source: secalert@redhat.com

Third Party Advisory

http://www.ubuntu.com/usn/USN-2359-1

Source: secalert@redhat.com

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1131951

Source: secalert@redhat.com

Issue Tracking

https://exchange.xforce.ibmcloud.com/vulnerabilities/95689

Source: secalert@redhat.com

https://github.com/torvalds/linux/commit/350b8bdd689cd2ab2c67c8a86a0be86cfa0751a7

Source: secalert@redhat.com

ExploitPatch

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=350b8bdd689cd2ab2c67c8a86a0be86cfa0751a7

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://secunia.com/advisories/60830

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/69489

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ubuntu.com/usn/USN-2356-1

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.ubuntu.com/usn/USN-2357-1

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.ubuntu.com/usn/USN-2358-1

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.ubuntu.com/usn/USN-2359-1

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1131951

Source: af854a3a-2127-422b-91ae-364da2661108

Issue Tracking

https://exchange.xforce.ibmcloud.com/vulnerabilities/95689

Source: af854a3a-2127-422b-91ae-364da2661108

https://github.com/torvalds/linux/commit/350b8bdd689cd2ab2c67c8a86a0be86cfa0751a7

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatch

Timeline

No history available yet.