Bug 1062368 (CVE-2014-0049)
Summary: | CVE-2014-0049 kernel: kvm: mmio_fragments out-of-the-bounds access | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Petr Matousek <pmatouse> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED NOTABUG | QA Contact: | |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | unspecified | CC: | agordeev, anton, aquini, dhoward, drjones, fhrbata, kernel-mgr, lwang, npajkovs, pbonzini, pholasek, security-response-team |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2014-02-06 18:13:55 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1071836, 1071837 | ||
Bug Blocks: | 1062369 |
Description
Petr Matousek
2014-02-06 18:09:54 UTC
Statement: Not vulnerable. This issue did not affect the versions of kvm package as shipped with Red Hat Enterprise Linux 5 as they did not backport the upstream kvm commit that introduced this issue. This issue did not affect the versions of Linux kernel as shipped Red Hat Enterprise Linux 6 as they did not backport the upstream kvm commit that introduced this issue. This issue did not affect the versions of Linux kernel as shipped Red Hat Enterprise MRG as they did not provide support for the KVM subsystem. Upstream patch: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a08d3b3b99efd509133946056531cdf8f3a0c09b Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1071837] kernel-3.13.5-202.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report. kernel-3.13.5-103.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report. |