Bug 1144878 (CVE-2014-3611)
Summary: | CVE-2014-3611 kernel: kvm: PIT timer race condition | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Petr Matousek <pmatouse> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | unspecified | CC: | agordeev, aquini, areis, carnil, dhoward, drjones, ehabkost, fhrbata, jiazhang, kernel-mgr, knoel, lersek, lwang, mguzik, mkenneth, mmilgram, mrezanin, mst, mtosatti, nmurray, pbonzini, pholasek, plougher, rkrcmar, rvrbovsk, security-response-team, squ, stefanha |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: |
A race condition flaw was found in the way the Linux kernel's KVM subsystem handled PIT (Programmable Interval Timer) emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2015-04-22 11:04:59 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1144879, 1144880, 1149592, 1149593, 1152985, 1156537, 1172498 | ||
Bug Blocks: | 1144830 |
Description
Petr Matousek
2014-09-21 19:30:28 UTC
Statement: This issue does affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6 and 7. This issue does affect the kvm packages as shipped with Red Hat Enterprise Linux 5. Future updates may address this issue in the respective Red Hat Enterprise Linux releases. Upstream patch: http://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=2febc839133280d5a5e8e1179c94ea674489dae2 Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1156537] kernel-3.16.6-203.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report. This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2014:1724 https://rhn.redhat.com/errata/RHSA-2014-1724.html IssueDescription: A race condition flaw was found in the way the Linux kernel's KVM subsystem handled PIT (Programmable Interval Timer) emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host. kernel-3.17.2-300.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report. This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2014:1843 https://rhn.redhat.com/errata/RHSA-2014-1843.html kernel-3.14.23-100.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report. This issue has been addressed in the following products: RHEV-H and Agents for RHEL-6 Via RHSA-2015:0126 https://rhn.redhat.com/errata/RHSA-2015-0126.html This issue has been addressed in the following products: Red Hat Enterprise Linux 6.5 EUS - Server and Compute Node Only Via RHSA-2015:0284 https://rhn.redhat.com/errata/RHSA-2015-0284.html This issue has been addressed in the following products: Red Hat Enterprise Linux 5 Via RHSA-2015:0869 https://rhn.redhat.com/errata/RHSA-2015-0869.html |