{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-04-04T00:00:00", "descriptions": [{"lang": "en", "value": "The ioapic_deliver function in virt/kvm/ioapic.c in the Linux kernel through 3.14.1 does not properly validate the kvm_irq_delivery_to_apic return value, which allows guest OS users to cause a denial of service (host OS crash) via a crafted entry in the redirection table of an I/O APIC. NOTE: the affected code was moved to the ioapic_service function before the vulnerability was announced."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-04-14T22:57:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=5678de3f15010b9022ee45673f33bcfc71d47b60"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1081589"}, {"name": "[oss-security] 20140407 CVE-2014-0155 -- kernel: kvm: BUG caused by invalid entry in guest ioapic redirection table", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2014/04/07/2"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T09:05:38.928Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=5678de3f15010b9022ee45673f33bcfc71d47b60"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1081589"}, {"name": "[oss-security] 20140407 CVE-2014-0155 -- kernel: kvm: BUG caused by invalid entry in guest ioapic redirection table", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2014/04/07/2"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2014-0155", "datePublished": "2014-04-14T23:00:00", "dateReserved": "2013-12-03T00:00:00", "dateUpdated": "2024-08-06T09:05:38.928Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "525BA1DC-FD54-4786-8ABA-BE8DFB2DFCC3", "versionEndExcluding": "3.14.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The ioapic_deliver function in virt/kvm/ioapic.c in the Linux kernel through 3.14.1 does not properly validate the kvm_irq_delivery_to_apic return value, which allows guest OS users to cause a denial of service (host OS crash) via a crafted entry in the redirection table of an I/O APIC. NOTE: the affected code was moved to the ioapic_service function before the vulnerability was announced."}, {"lang": "es", "value": "La funci\u00f3n ioapic_deliver en virt/kvm/ioapic.c en el kernel de Linux hasta 3.14.1 no valida debidamente el valor de vuelta kvm_irq_delivery_to_apic, lo que permite a usuarios invitados del sistema operativo causar una denegaci\u00f3n de servicio (ca\u00edda de sistema operativo anfitri\u00f3n) a trav\u00e9s de una entrada manipulada en la tabla de redirecci\u00f3n de I/O APIC. NOTA: el c\u00f3digo afectado fue trasladado a la funci\u00f3n ioapic_service antes de que la vulnerabilidad fue anunciada."}], "id": "CVE-2014-0155", "lastModified": "2023-11-07T02:18:10.507", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 5.5, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 5.1, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-04-14T23:55:07.577", "references": [{"source": "secalert@redhat.com", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "http://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=5678de3f15010b9022ee45673f33bcfc71d47b60"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2014/04/07/2"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1081589"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "This issue was discovered by Red Hat.", "bugzilla": {"description": "kernel: kvm: BUG caused by invalid entry in guest ioapic redirection table", "id": "1081589", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1081589"}, "csaw": false, "cvss": {"cvss_base_score": "5.5", "cvss_scoring_vector": "AV:A/AC:L/Au:S/C:N/I:N/A:C", "status": "draft"}, "details": ["The ioapic_deliver function in virt/kvm/ioapic.c in the Linux kernel through 3.14.1 does not properly validate the kvm_irq_delivery_to_apic return value, which allows guest OS users to cause a denial of service (host OS crash) via a crafted entry in the redirection table of an I/O APIC. NOTE: the affected code was moved to the ioapic_service function before the vulnerability was announced."], "name": "CVE-2014-0155", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "kvm", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:enterprise_mrg:2", "fix_state": "Not affected", "package_name": "realtime-kernel", "product_name": "Red Hat Enterprise MRG 2"}], "public_date": "2014-04-04T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2014-0155\nhttps://nvd.nist.gov/vuln/detail/CVE-2014-0155"], "statement": "Not vulnerable.\nThis issue did not affect the versions of kvm package as shipped with Red Hat Enterprise Linux 5.\nThis issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 6.\nThis issue did not affect the versions of Linux kernel as shipped with Red Hat\nEnterprise Linux 5 and Red Hat Enterprise MRG 2 as they did not provide support\nfor the KVM subsystem.", "threat_severity": "Important"}