Executive Summary

Informations
NameCVE-2014-8134First vendor Publication2014-12-12
VendorCveLast vendor Modification2017-01-02

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:P/I:N/A:N)
Cvss Base Score2.1Attack RangeLocal
Cvss Impact Score2.9Attack ComplexityLow
Cvss Expoit Score3.9AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirt_enabled setting for KVM guest kernels, which makes it easier for guest OS users to bypass the ASLR protection mechanism via a crafted application that reads a 16-bit value.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8134

CWE : Common Weakness Enumeration

%idName
100 %CWE-264Permissions, Privileges, and Access Controls

CPE : Common Platform Enumeration

TypeDescriptionCount
Os2158

Nessus® Vulnerability Scanner

DateDescription
2017-04-03Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2017-0057.nasl - Type : ACT_GATHER_INFO
2016-06-17Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20160510_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2016-05-18Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2016-0855.nasl - Type : ACT_GATHER_INFO
2016-05-17Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2016-0855.nasl - Type : ACT_GATHER_INFO
2016-05-12Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-0855.nasl - Type : ACT_GATHER_INFO
2015-05-20Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-0481-1.nasl - Type : ACT_GATHER_INFO
2015-04-14Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-301.nasl - Type : ACT_GATHER_INFO
2015-04-14Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-302.nasl - Type : ACT_GATHER_INFO
2015-04-10Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2015-0040.nasl - Type : ACT_GATHER_INFO
2015-03-26Name : The remote Debian host is missing a security update.
File : debian_DLA-155.nasl - Type : ACT_GATHER_INFO
2015-03-24Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-150306.nasl - Type : ACT_GATHER_INFO
2015-03-20Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-3012.nasl - Type : ACT_GATHER_INFO
2015-01-06Name : The remote Fedora host is missing a security update.
File : fedora_2014-17244.nasl - Type : ACT_GATHER_INFO
2014-12-22Name : The remote Fedora host is missing a security update.
File : fedora_2014-17283.nasl - Type : ACT_GATHER_INFO
2014-12-22Name : The remote Fedora host is missing a security update.
File : fedora_2014-17293.nasl - Type : ACT_GATHER_INFO
2014-12-22Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2447-2.nasl - Type : ACT_GATHER_INFO
2014-12-22Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2448-2.nasl - Type : ACT_GATHER_INFO
2014-12-15Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2441-1.nasl - Type : ACT_GATHER_INFO
2014-12-15Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2442-1.nasl - Type : ACT_GATHER_INFO
2014-12-15Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2443-1.nasl - Type : ACT_GATHER_INFO
2014-12-15Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2445-1.nasl - Type : ACT_GATHER_INFO
2014-12-15Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2446-1.nasl - Type : ACT_GATHER_INFO
2014-12-15Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2447-1.nasl - Type : ACT_GATHER_INFO
2014-12-15Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2448-1.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/71650
CONFIRM http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-8134.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-295209...
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1400314
https://bugzilla.novell.com/show_bug.cgi?id=909078
https://bugzilla.redhat.com/show_bug.cgi?id=1172765
https://support.f5.com/csp/article/K17120
https://support.f5.com/csp/article/K17120?utm_source=f5support&utm_me...
MLIST http://www.spinics.net/lists/kvm/msg111458.html
REDHAT http://rhn.redhat.com/errata/RHSA-2016-0855.html
SUSE http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
DateInformations
2019-10-10 12:06:50
  • Multiple Updates
2019-09-10 12:06:44
  • Multiple Updates
2019-01-25 12:06:36
  • Multiple Updates
2018-11-17 12:05:10
  • Multiple Updates
2018-10-30 12:07:14
  • Multiple Updates
2018-08-09 12:03:13
  • Multiple Updates
2018-04-25 12:06:00
  • Multiple Updates
2017-04-04 13:20:39
  • Multiple Updates
2017-03-22 12:01:07
  • Multiple Updates
2017-01-03 09:23:00
  • Multiple Updates
2016-11-29 00:24:56
  • Multiple Updates
2016-10-04 09:24:05
  • Multiple Updates
2016-08-12 12:01:46
  • Multiple Updates
2016-07-13 12:01:03
  • Multiple Updates
2016-06-30 21:39:17
  • Multiple Updates
2016-06-29 00:41:03
  • Multiple Updates
2016-06-18 13:27:58
  • Multiple Updates
2016-05-19 13:27:02
  • Multiple Updates
2016-05-18 13:27:58
  • Multiple Updates
2016-05-13 13:29:29
  • Multiple Updates
2016-04-27 01:23:32
  • Multiple Updates
2015-06-04 09:27:02
  • Multiple Updates
2015-05-21 13:31:47
  • Multiple Updates
2015-04-15 13:28:16
  • Multiple Updates
2015-04-11 13:28:52
  • Multiple Updates
2015-03-27 13:28:42
  • Multiple Updates
2015-03-26 09:26:41
  • Multiple Updates
2015-03-25 13:28:25
  • Multiple Updates
2015-03-21 13:27:34
  • Multiple Updates
2015-03-18 09:28:00
  • Multiple Updates
2015-01-22 17:23:35
  • Multiple Updates
2015-01-07 13:26:28
  • Multiple Updates
2014-12-23 13:26:39
  • Multiple Updates
2014-12-16 21:24:35
  • Multiple Updates
2014-12-16 13:25:33
  • Multiple Updates
2014-12-12 21:23:44
  • First insertion