CVE-2014-0155

Bug #1312987 reported by John Johansen on 2014-04-26
258
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Status tracked in Wily
Precise
Low
Unassigned
Trusty
Low
Unassigned
Utopic
Low
Unassigned
Vivid
Low
Unassigned
Wily
Low
Unassigned
linux-armadaxp (Ubuntu)
Status tracked in Wily
Precise
Low
Unassigned
Trusty
Low
Unassigned
Utopic
Low
Unassigned
Vivid
Low
Unassigned
Wily
Low
Unassigned
linux-ec2 (Ubuntu)
Status tracked in Wily
Precise
Low
Unassigned
Trusty
Low
Unassigned
Utopic
Low
Unassigned
Vivid
Low
Unassigned
Wily
Low
Unassigned
linux-flo (Ubuntu)
Status tracked in Wily
Precise
Low
Unassigned
Vivid
Low
Unassigned
Wily
Low
Unassigned
linux-fsl-imx51 (Ubuntu)
Status tracked in Wily
Precise
Low
Unassigned
Trusty
Low
Unassigned
Utopic
Low
Unassigned
Vivid
Low
Unassigned
Wily
Low
Unassigned
linux-goldfish (Ubuntu)
Status tracked in Wily
Precise
Low
Unassigned
Vivid
Low
Unassigned
Wily
Low
Unassigned
linux-lts-backport-maverick (Ubuntu)
Status tracked in Wily
Lucid
Undecided
Unassigned
Precise
Undecided
Unassigned
Quantal
Undecided
Unassigned
Saucy
Undecided
Unassigned
Trusty
Undecided
Unassigned
Utopic
Undecided
Unassigned
Vivid
Undecided
Unassigned
Wily
Undecided
Unassigned
linux-lts-backport-natty (Ubuntu)
Status tracked in Wily
Lucid
Undecided
Unassigned
Precise
Undecided
Unassigned
Quantal
Undecided
Unassigned
Saucy
Undecided
Unassigned
Trusty
Undecided
Unassigned
Utopic
Undecided
Unassigned
Vivid
Undecided
Unassigned
Wily
Undecided
Unassigned
linux-lts-quantal (Ubuntu)
Status tracked in Wily
Precise
Low
Unassigned
Trusty
Low
Unassigned
Utopic
Low
Unassigned
Vivid
Low
Unassigned
Wily
Low
Unassigned
linux-lts-raring (Ubuntu)
Status tracked in Wily
Precise
Low
Unassigned
Trusty
Low
Unassigned
Utopic
Low
Unassigned
Vivid
Low
Unassigned
Wily
Low
Unassigned
linux-lts-saucy (Ubuntu)
Status tracked in Wily
Precise
Low
Unassigned
Trusty
Low
Unassigned
Utopic
Low
Unassigned
Vivid
Low
Unassigned
Wily
Low
Unassigned
linux-lts-trusty (Ubuntu)
Precise
Low
Unassigned
linux-lts-utopic (Ubuntu)
Status tracked in Wily
Precise
Low
Unassigned
Vivid
Low
Unassigned
Wily
Low
Unassigned
linux-lts-vivid (Ubuntu)
Status tracked in Wily
Precise
Low
Unassigned
Vivid
Low
Unassigned
Wily
Low
Unassigned
linux-mako (Ubuntu)
Status tracked in Wily
Precise
Low
Unassigned
Vivid
Low
Unassigned
Wily
Low
Unassigned
linux-manta (Ubuntu)
Status tracked in Wily
Precise
Low
Unassigned
Vivid
Low
Unassigned
Wily
Low
Unassigned
linux-mvl-dove (Ubuntu)
Status tracked in Wily
Precise
Low
Unassigned
Trusty
Low
Unassigned
Utopic
Low
Unassigned
Vivid
Low
Unassigned
Wily
Low
Unassigned
linux-ti-omap4 (Ubuntu)
Status tracked in Wily
Precise
Low
Unassigned
Trusty
Low
Unassigned
Utopic
Low
Unassigned
Vivid
Low
Unassigned
Wily
Low
Unassigned

Bug Description

The ioapic_deliver function in virt/kvm/ioapic.c in the Linux kernel through 3.14.1 does not properly validate the kvm_irq_delivery_to_apic return value, which allows guest OS users to cause a denial of service (host OS crash) via a crafted entry in the redirection table of an I/O APIC. NOTE: the affected code was moved to the ioapic_service function before the vulnerability was announced.

Break-Fix: 2c2bf01136971c33e3b3fabce23925f372c1017e 5678de3f15010b9022ee45673f33bcfc71d47b60

CVE References

John Johansen (jjohansen) wrote :

CVE-2014-0155

tags: added: kernel-cve-tracking-bug
information type: Public → Public Security
Changed in linux-armadaxp (Ubuntu Saucy):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Trusty):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Lucid):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Utopic):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Precise):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Saucy):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Trusty):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Utopic):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Quantal):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Saucy):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Trusty):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Lucid):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Utopic):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Quantal):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Precise):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Saucy):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Trusty):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Utopic):
status: New → Invalid
Changed in linux-mvl-dove (Ubuntu Quantal):
status: New → Invalid
Changed in linux-lts-saucy (Ubuntu Saucy):
status: New → Invalid
Changed in linux-lts-saucy (Ubuntu Trusty):
status: New → Invalid
Changed in linux-lts-saucy (Ubuntu Lucid):
status: New → Invalid
Changed in linux-lts-saucy (Ubuntu Utopic):
status: New → Invalid
Changed in linux-lts-saucy (Ubuntu Quantal):
status: New → Invalid
Changed in linux (Ubuntu Utopic):
status: New → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Trusty):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Lucid):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Utopic):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Precise):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Saucy):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Trusty):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Utopic):
status: New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Quantal):
status: New → Invalid
Changed in linux-lts-raring (Ubuntu Saucy):
status: New → Invalid
Changed in linux-lts-raring (Ubuntu Trusty):
status: New → Invalid
Changed in linux-lts-raring (Ubuntu Lucid):
status: New → Invalid
Changed in linux-lts-raring (Ubuntu Utopic):
status: New → Invalid
Changed in linux-lts-raring (Ubuntu Quantal):
status: New → Invalid
description: updated
Changed in linux-armadaxp (Ubuntu Precise):
importance: Undecided → Low
Changed in linux-armadaxp (Ubuntu Saucy):
importance: Undecided → Low
Changed in linux-armadaxp (Ubuntu Trusty):
importance: Undecided → Low
Changed in linux-armadaxp (Ubuntu Lucid):
importance: Undecided → Low
Changed in linux-armadaxp (Ubuntu Utopic):
importance: Undecided → Low
Changed in linux-armadaxp (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux-ec2 (Ubuntu Precise):
importance: Undecided → Low
Changed in linux-ec2 (Ubuntu Saucy):
importance: Undecided → Low
Changed in linux-ec2 (Ubuntu Trusty):
importance: Undecided → Low
Changed in linux-ec2 (Ubuntu Lucid):
importance: Undecided → Low
Changed in linux-ec2 (Ubuntu Utopic):
importance: Undecided → Low
Changed in linux-ec2 (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux-lts-quantal (Ubuntu Precise):
importance: Undecided → Low
Changed in linux-lts-quantal (Ubuntu Saucy):
importance: Undecided → Low
Changed in linux-lts-quantal (Ubuntu Trusty):
importance: Undecided → Low
Changed in linux-lts-quantal (Ubuntu Lucid):
importance: Undecided → Low
Changed in linux-lts-quantal (Ubuntu Utopic):
importance: Undecided → Low
Changed in linux-lts-quantal (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux-mvl-dove (Ubuntu Precise):
importance: Undecided → Low
Changed in linux-mvl-dove (Ubuntu Saucy):
importance: Undecided → Low
Changed in linux-mvl-dove (Ubuntu Trusty):
importance: Undecided → Low
Changed in linux-mvl-dove (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Low
Changed in linux-mvl-dove (Ubuntu Utopic):
importance: Undecided → Low
Changed in linux-mvl-dove (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux-lts-saucy (Ubuntu Precise):
importance: Undecided → Low
Changed in linux-lts-saucy (Ubuntu Saucy):
importance: Undecided → Low
Changed in linux-lts-saucy (Ubuntu Trusty):
importance: Undecided → Low
Changed in linux-lts-saucy (Ubuntu Lucid):
importance: Undecided → Low
Changed in linux-lts-saucy (Ubuntu Utopic):
importance: Undecided → Low
Changed in linux-lts-saucy (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux (Ubuntu Precise):
importance: Undecided → Low
Changed in linux (Ubuntu Saucy):
importance: Undecided → Low
Changed in linux (Ubuntu Trusty):
importance: Undecided → Low
Changed in linux (Ubuntu Lucid):
importance: Undecided → Low
Changed in linux (Ubuntu Utopic):
importance: Undecided → Low
Changed in linux (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Precise):
importance: Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Saucy):
importance: Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Trusty):
importance: Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Lucid):
importance: Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Utopic):
importance: Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Precise):
importance: Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Saucy):
importance: Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Trusty):
importance: Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Lucid):
status: New → Invalid
importance: Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Utopic):
importance: Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux-lts-raring (Ubuntu Precise):
importance: Undecided → Low
Changed in linux-lts-raring (Ubuntu Saucy):
importance: Undecided → Low
Changed in linux-lts-raring (Ubuntu Trusty):
importance: Undecided → Low
Changed in linux-lts-raring (Ubuntu Lucid):
importance: Undecided → Low
Changed in linux-lts-raring (Ubuntu Utopic):
importance: Undecided → Low
Changed in linux-lts-raring (Ubuntu Quantal):
importance: Undecided → Low
Changed in linux-armadaxp (Ubuntu Precise):
status: New → Invalid
Changed in linux-armadaxp (Ubuntu Quantal):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Lucid):
status: New → Invalid
Changed in linux-lts-quantal (Ubuntu Precise):
status: New → Invalid
Changed in linux (Ubuntu Precise):
status: New → Invalid
Changed in linux (Ubuntu Lucid):
status: New → Invalid
Changed in linux (Ubuntu Quantal):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Precise):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Saucy):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Quantal):
status: New → Invalid
Changed in linux-lts-raring (Ubuntu Precise):
status: New → Invalid
description: updated
no longer affects: linux-armadaxp (Ubuntu Quantal)
no longer affects: linux-ec2 (Ubuntu Quantal)
no longer affects: linux-lts-saucy (Ubuntu Quantal)
no longer affects: linux-lts-quantal (Ubuntu Quantal)
no longer affects: linux-mvl-dove (Ubuntu Quantal)
no longer affects: linux (Ubuntu Quantal)
no longer affects: linux-fsl-imx51 (Ubuntu Quantal)
no longer affects: linux-ti-omap4 (Ubuntu Quantal)
no longer affects: linux-lts-raring (Ubuntu Quantal)
Changed in linux-lts-saucy (Ubuntu Precise):
status: New → Fix Committed
Changed in linux (Ubuntu Saucy):
status: New → Fix Committed
Changed in linux-lts-saucy (Ubuntu Precise):
status: Fix Committed → Fix Released
Changed in linux (Ubuntu Saucy):
status: Fix Committed → Fix Released
Changed in linux-lts-backport-maverick (Ubuntu Lucid):
status: New → Won't Fix
Changed in linux-lts-backport-natty (Ubuntu Lucid):
status: New → Won't Fix
Changed in linux-lts-backport-maverick (Ubuntu Precise):
status: New → Won't Fix
Changed in linux-lts-backport-natty (Ubuntu Precise):
status: New → Won't Fix
Changed in linux-lts-backport-maverick (Ubuntu Quantal):
status: New → Won't Fix
Changed in linux-lts-backport-natty (Ubuntu Quantal):
status: New → Won't Fix
Changed in linux-lts-backport-maverick (Ubuntu Saucy):
status: New → Won't Fix
Changed in linux-lts-backport-natty (Ubuntu Saucy):
status: New → Won't Fix
Changed in linux-lts-backport-maverick (Ubuntu Trusty):
status: New → Won't Fix
Changed in linux-lts-backport-natty (Ubuntu Trusty):
status: New → Won't Fix
Changed in linux-lts-backport-maverick (Ubuntu Utopic):
status: New → Won't Fix
Changed in linux-lts-backport-natty (Ubuntu Utopic):
status: New → Won't Fix
no longer affects: linux-armadaxp (Ubuntu Saucy)
no longer affects: linux-ec2 (Ubuntu Saucy)
no longer affects: linux-lts-saucy (Ubuntu Saucy)
no longer affects: linux-lts-quantal (Ubuntu Saucy)
no longer affects: linux-mvl-dove (Ubuntu Saucy)
no longer affects: linux (Ubuntu Saucy)
no longer affects: linux-fsl-imx51 (Ubuntu Saucy)
no longer affects: linux-ti-omap4 (Ubuntu Saucy)
no longer affects: linux-lts-raring (Ubuntu Saucy)
Changed in linux (Ubuntu Trusty):
status: New → Fix Committed
Changed in linux (Ubuntu):
status: Fix Committed → Invalid
Changed in linux (Ubuntu Trusty):
status: Fix Committed → Fix Released
Changed in linux (Ubuntu Utopic):
status: Fix Committed → Invalid
Changed in linux-lts-backport-natty (Ubuntu):
status: New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu):
status: New → Invalid
Changed in linux-lts-trusty (Ubuntu Precise):
status: New → Fix Released
no longer affects: linux-lts-trusty (Ubuntu)
no longer affects: linux-lts-trusty (Ubuntu Lucid)
no longer affects: linux-lts-trusty (Ubuntu Trusty)
no longer affects: linux-lts-trusty (Ubuntu Utopic)
no longer affects: linux-armadaxp (Ubuntu Lucid)
no longer affects: linux-ec2 (Ubuntu Lucid)
no longer affects: linux-lts-saucy (Ubuntu Lucid)
no longer affects: linux-lts-quantal (Ubuntu Lucid)
no longer affects: linux-mvl-dove (Ubuntu Lucid)
no longer affects: linux (Ubuntu Lucid)
no longer affects: linux-fsl-imx51 (Ubuntu Lucid)
no longer affects: linux-ti-omap4 (Ubuntu Lucid)
no longer affects: linux-lts-raring (Ubuntu Lucid)
Changed in linux-lts-trusty (Ubuntu Precise):
importance: Undecided → Low
Changed in linux-lts-quantal (Ubuntu Vivid):
status: New → Invalid
importance: Undecided → Low
Changed in linux (Ubuntu Vivid):
status: New → Invalid
importance: Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Vivid):
status: New → Invalid
importance: Undecided → Low
Changed in linux-lts-raring (Ubuntu Vivid):
status: New → Invalid
importance: Undecided → Low
Changed in linux-armadaxp (Ubuntu Vivid):
status: New → Invalid
importance: Undecided → Low
Changed in linux-mvl-dove (Ubuntu Vivid):
status: New → Invalid
importance: Undecided → Low
Changed in linux-lts-saucy (Ubuntu Vivid):
status: New → Invalid
importance: Undecided → Low
Changed in linux-manta (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Low
Changed in linux-manta (Ubuntu Wily):
status: New → Invalid
importance: Undecided → Low
Changed in linux-manta (Ubuntu Vivid):
status: New → Invalid
importance: Undecided → Low
Changed in linux-ec2 (Ubuntu Vivid):
status: New → Invalid
importance: Undecided → Low
Changed in linux-lts-vivid (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Low
Changed in linux-lts-vivid (Ubuntu Vivid):
status: New → Invalid
importance: Undecided → Low
Changed in linux-lts-vivid (Ubuntu Wily):
status: New → Invalid
importance: Undecided → Low
Changed in linux-mako (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Low
Changed in linux-mako (Ubuntu Wily):
status: New → Invalid
importance: Undecided → Low
Changed in linux-mako (Ubuntu Vivid):
status: New → Invalid
importance: Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Vivid):
status: New → Invalid
importance: Undecided → Low
Changed in linux-lts-utopic (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Low
Changed in linux-lts-utopic (Ubuntu Vivid):
status: New → Invalid
importance: Undecided → Low
Changed in linux-lts-utopic (Ubuntu Wily):
status: New → Invalid
importance: Undecided → Low
Changed in linux-goldfish (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Low
Changed in linux-goldfish (Ubuntu Wily):
status: New → Invalid
importance: Undecided → Low
Changed in linux-goldfish (Ubuntu Vivid):
status: New → Invalid
importance: Undecided → Low
Changed in linux-flo (Ubuntu Precise):
status: New → Invalid
importance: Undecided → Low
Changed in linux-flo (Ubuntu Wily):
status: New → Invalid
importance: Undecided → Low
Changed in linux-flo (Ubuntu Vivid):
status: New → Invalid
importance: Undecided → Low
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers