** Description changed: - There's a race condition in the PIT emulation code in KVM. In - __kvm_migrate_pit_timer the pit_timer object is accessed without - synchronization. A local guest user with access to the PIT i/o ports - could use this flaw to crash the host. + Race condition in the __kvm_migrate_pit_timer function in + arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through + 3.17.2 allows guest OS users to cause a denial of service (host OS + crash) by leveraging incorrect PIT emulation. A local guest user with + access to the PIT i/o ports could use this flaw to crash the host. Break-Fix: - 2febc839133280d5a5e8e1179c94ea674489dae2
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1384540 Title: CVE-2014-3611 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1384540/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
