Executive Summary
Information | |||
---|---|---|---|
Name | CVE-2014-3646 | First vendor Publication | 2014-11-10 |
Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
Cvss vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H | |||
---|---|---|---|
Overall CVSS Score | 5.5 | ||
Base Score | 5.5 | Environmental Score | 5.5 |
Impact Sub Score | 3.6 | Temporal Score | 5.5 |
Exploitability Sub Score | 1.8 | ||
Attack Vector | Local | Attack Complexity | Low |
Privileges Required | None | User Interaction | Required |
Scope | Unchanged | Confidentiality Impact | None |
Integrity Impact | None | Availability Impact | High |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:M/Au:N/C:N/I:N/A:C) | |||
---|---|---|---|
Cvss Base Score | 4.7 | Attack Range | Local |
Cvss Impact Score | 6.9 | Attack Complexity | Medium |
Cvss Exploit Score | 3.4 | Authentication | None Required |
Detail
arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel through 3.17.2 does not have an exit handler for the INVVPID instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application.
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3646
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:27268 | |||
Oval ID: | oval:org.mitre.oval:def:27268 | ||
Title: | ELSA-2014-1724 -- kernel security and bug fix update (important) | ||
Description: | [3.10.0-123.9.2] - Oracle Linux certificates (Alexey Petrenko) [3.10.0-123.9.2] - [virt] kvm: fix PIT timer race condition (Petr Matousek) [1144879 1144880] {CVE-2014-3611} - [virt] kvm/vmx: handle invept and invvpid vm exits gracefully (Petr Matousek) [1145449 1116936] [1144828 1144829] {CVE-2014-3645 CVE-2014-3646} [3.10.0-123.9.1] - [md] raid6: avoid data corruption during recovery of double-degraded RAID6 (Jes Sorensen) [1143850 1130905] - [fs] ext4: fix type declaration of ext4_validate_block_bitmap (Lukas Czerner) [1140978 1091055] - [fs] ext4: error out if verifying the block bitmap fails (Lukas Czerner) [1140978 1091055] - [powerpc] sched: stop updating inside arch_update_cpu_topology() when nothing to be update (Gustavo Duarte) [1140300 1098372] - [powerpc] 64bit sendfile is capped at 2GB (Gustavo Duarte) [1139126 1107774] - [s390] fix restore of invalid floating-point-control (Hendrik Brueckner) [1138733 1121965] - [kernel] sched/fair: Rework sched_fair time accounting (Rik van Riel) [1134717 1123731] - [kernel] math64: Add mul_u64_u32_shr() (Rik van Riel) [1134717 1123731] - [kernel] workqueue: zero cpumask of wq_numa_possible_cpumask on init (Motohiro Kosaki) [1134715 1117184] - [cpufreq] acpi-cpufreq: skip loading acpi_cpufreq after intel_pstate (Motohiro Kosaki) [1134716 1123250] - [security] selinux: Increase ebitmap_node size for 64-bit configuration (Paul Moore) [1132076 922752] - [security] selinux: Reduce overhead of mls_level_isvalid() function call (Paul Moore) [1132076 922752] - [ethernet] cxgb4: allow large buffer size to have page size (Gustavo Duarte) [1130548 1078977] - [kernel] sched/autogroup: Fix race with task_groups list (Gustavo Duarte) [1129990 1081406] - [net] sctp: inherit auth_capable on INIT collisions (Daniel Borkmann) [1124337 1123763] {CVE-2014-5077} - [sound] alsa/control: Don't access controls outside of protected regions (Radomir Vrbovsky) [1117330 1117331] {CVE-2014-4653} | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014-1724 CVE-2014-4653 CVE-2014-5077 CVE-2014-3611 CVE-2014-3645 CVE-2014-3646 | Version: | 3 |
Platform(s): | Oracle Linux 7 | Product(s): | kernel |
Definition Id: oval:org.mitre.oval:def:27992 | |||
Oval ID: | oval:org.mitre.oval:def:27992 | ||
Title: | RHSA-2014:1843 -- kernel security and bug fix update (Important) | ||
Description: | The kernel packages contain the Linux kernel, the core of any Linux operating system. * A race condition flaw was found in the way the Linux kernel's KVM subsystem handled PIT (Programmable Interval Timer) emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host. (CVE-2014-3611, Important) * A memory corruption flaw was found in the way the USB ConnectTech WhiteHEAT serial driver processed completion commands sent via USB Request Blocks buffers. An attacker with physical access to the system could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-3185, Moderate) * It was found that the Linux kernel's KVM subsystem did not handle the VM exits gracefully for the invept (Invalidate Translations Derived from EPT) and invvpid (Invalidate Translations Based on VPID) instructions. On hosts with an Intel processor and invept/invvpid VM exit support, an unprivileged guest user could use these instructions to crash the guest. (CVE-2014-3645, CVE-2014-3646, Moderate) Red Hat would like to thank Lars Bull of Google for reporting CVE-2014-3611, and the Advanced Threat Research team at Intel Security for reporting CVE-2014-3645 and CVE-2014-3646. This update also fixes the following bugs: * This update fixes several race conditions between PCI error recovery callbacks and potential calls of the ifup and ifdown commands in the tg3 driver. When triggered, these race conditions could cause a kernel crash. (BZ#1142570) * Previously, GFS2 failed to unmount a sub-mounted GFS2 file system if its parent was also a GFS2 file system. This problem has been fixed by adding the appropriate d_op->d_hash() routine call for the last component of the mount point path in the path name lookup mechanism code (namei). (BZ#1145193) * Due to previous changes in the virtio-net driver, a Red Hat Enterprise Linux 6.6 guest was unable to boot with the "mgr_rxbuf=off" option specified. This was caused by providing the page_to_skb() function with an incorrect packet length in the driver's Rx path. This problem has been fixed and the guest in the described scenario can now boot successfully. (BZ#1148693) * When using one of the newer IPSec Authentication Header (AH) algorithms with Openswan, a kernel panic could occur. This happened because the maximum truncated ICV length was too small. To fix this problem, the MAX_AH_AUTH_LEN parameter has been set to 64. (BZ#1149083) * A bug in the IPMI driver caused the kernel to panic when an IPMI interface was removed using the hotmod script. The IPMI driver has been fixed to properly clean the relevant data when removing an IPMI interface. (BZ#1149578) * Due to a bug in the IPMI driver, the kernel could panic when adding an IPMI interface that was previously removed using the hotmod script. This update fixes this bug by ensuring that the relevant shadow structure is initialized at the right time. (BZ#1149580) All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:1843 CESA-2014:1843 CVE-2014-3185 CVE-2014-3611 CVE-2014-3645 CVE-2014-3646 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | kernel |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2017-04-03 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2017-0057.nasl - Type : ACT_GATHER_INFO |
2015-07-30 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-1272.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0481-1.nasl - Type : ACT_GATHER_INFO |
2015-03-13 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-0290.nasl - Type : ACT_GATHER_INFO |
2015-03-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-0284.nasl - Type : ACT_GATHER_INFO |
2015-02-06 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2015-0126.nasl - Type : ACT_GATHER_INFO |
2014-12-26 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-141217.nasl - Type : ACT_GATHER_INFO |
2014-12-26 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-141202.nasl - Type : ACT_GATHER_INFO |
2014-12-17 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15912.nasl - Type : ACT_GATHER_INFO |
2014-12-05 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3096.nasl - Type : ACT_GATHER_INFO |
2014-11-28 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-230.nasl - Type : ACT_GATHER_INFO |
2014-11-25 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2417-1.nasl - Type : ACT_GATHER_INFO |
2014-11-17 | Name : The remote Fedora host is missing a security update. File : fedora_2014-14068.nasl - Type : ACT_GATHER_INFO |
2014-11-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1843.nasl - Type : ACT_GATHER_INFO |
2014-11-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1843.nasl - Type : ACT_GATHER_INFO |
2014-11-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1843.nasl - Type : ACT_GATHER_INFO |
2014-11-04 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20141028_kernel_on_SL7_x.nasl - Type : ACT_GATHER_INFO |
2014-11-03 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2396-1.nasl - Type : ACT_GATHER_INFO |
2014-11-03 | Name : The remote Fedora host is missing a security update. File : fedora_2014-14126.nasl - Type : ACT_GATHER_INFO |
2014-11-03 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3060.nasl - Type : ACT_GATHER_INFO |
2014-10-31 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2395-1.nasl - Type : ACT_GATHER_INFO |
2014-10-31 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2394-1.nasl - Type : ACT_GATHER_INFO |
2014-10-31 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-3084.nasl - Type : ACT_GATHER_INFO |
2014-10-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1724.nasl - Type : ACT_GATHER_INFO |
2014-10-29 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1724.nasl - Type : ACT_GATHER_INFO |
2014-10-29 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1724.nasl - Type : ACT_GATHER_INFO |
2014-10-29 | Name : The remote Fedora host is missing a security update. File : fedora_2014-13773.nasl - Type : ACT_GATHER_INFO |