The ioapic_deliver function in virt/kvm/ioapic.c in the Linux kernel through 3.14.1 does not properly validate the kvm_irq_delivery_to_apic return value, which allows guest OS users to cause a denial of service (host OS crash) via a crafted entry in the redirection table of an I/O APIC. NOTE: the affected code was moved to the ioapic_service function before the vulnerability was announced.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2014-04-14T23:00:00
Updated: 2024-08-06T09:05:38.928Z
Reserved: 2013-12-03T00:00:00
Link: CVE-2014-0155
Vulnrichment
No data.
NVD
Status : Modified
Published: 2014-04-14T23:55:07.577
Modified: 2023-11-07T02:18:10.507
Link: CVE-2014-0155
Redhat