CVE-2014-0155

Published: 14 April 2014

The ioapic_deliver function in virt/kvm/ioapic.c in the Linux kernel through 3.14.1 does not properly validate the kvm_irq_delivery_to_apic return value, which allows guest OS users to cause a denial of service (host OS crash) via a crafted entry in the redirection table of an I/O APIC. NOTE: the affected code was moved to the ioapic_service function before the vulnerability was announced.

From the Ubuntu security team

A flaw was discovered in the Linux kernel virtual machine's (kvm) validation of interrupt requests (irq). A guest OS user could exploit this flaw to cause a denial of service (host OS crash).

Priority

Status

Package	Release	Status
linux Launchpad, Ubuntu, Debian	Upstream	Released (3.15~rc2)







	Patches: Introduced by 2c2bf01136971c33e3b3fabce23925f372c1017e Fixed by 5678de3f15010b9022ee45673f33bcfc71d47b60
linux-armadaxp Launchpad, Ubuntu, Debian	Upstream	Released (3.15~rc2)







	This package is not directly supported by the Ubuntu Security Team
linux-aws Launchpad, Ubuntu, Debian	Upstream	Released (3.15~rc2)







linux-ec2 Launchpad, Ubuntu, Debian	Upstream	Released (3.15~rc2)







linux-flo Launchpad, Ubuntu, Debian	Upstream	Released (3.15~rc2)







linux-fsl-imx51 Launchpad, Ubuntu, Debian	Upstream	Released (3.15~rc2)







linux-gke Launchpad, Ubuntu, Debian	Upstream	Released (3.15~rc2)







linux-goldfish Launchpad, Ubuntu, Debian	Upstream	Released (3.15~rc2)







linux-grouper Launchpad, Ubuntu, Debian	Upstream	Released (3.15~rc2)







linux-hwe Launchpad, Ubuntu, Debian	Upstream	Released (3.15~rc2)







linux-hwe-edge Launchpad, Ubuntu, Debian	Upstream	Released (3.15~rc2)







linux-linaro-omap Launchpad, Ubuntu, Debian	Upstream	Released (3.15~rc2)







linux-linaro-shared Launchpad, Ubuntu, Debian	Upstream	Released (3.15~rc2)







linux-linaro-vexpress Launchpad, Ubuntu, Debian	Upstream	Released (3.15~rc2)







linux-lts-quantal Launchpad, Ubuntu, Debian	Upstream	Released (3.15~rc2)







linux-lts-raring Launchpad, Ubuntu, Debian	Upstream	Released (3.15~rc2)







linux-lts-saucy Launchpad, Ubuntu, Debian	Upstream	Released (3.15~rc2)







linux-lts-trusty Launchpad, Ubuntu, Debian	Upstream	Released (3.15~rc2)







linux-lts-utopic Launchpad, Ubuntu, Debian	Upstream	Released (3.15~rc2)







linux-lts-vivid Launchpad, Ubuntu, Debian	Upstream	Released (3.15~rc2)







linux-lts-wily Launchpad, Ubuntu, Debian	Upstream	Released (3.15~rc2)







linux-lts-xenial Launchpad, Ubuntu, Debian	Upstream	Released (3.15~rc2)







linux-maguro Launchpad, Ubuntu, Debian	Upstream	Released (3.15~rc2)







linux-mako Launchpad, Ubuntu, Debian	Upstream	Released (3.15~rc2)







linux-manta Launchpad, Ubuntu, Debian	Upstream	Released (3.15~rc2)







linux-mvl-dove Launchpad, Ubuntu, Debian	Upstream	Released (3.15~rc2)







linux-qcm-msm Launchpad, Ubuntu, Debian	Upstream	Released (3.15~rc2)







linux-raspi2 Launchpad, Ubuntu, Debian	Upstream	Released (3.15~rc2)







linux-snapdragon Launchpad, Ubuntu, Debian	Upstream	Released (3.15~rc2)







linux-ti-omap4 Launchpad, Ubuntu, Debian	Upstream	Released (3.15~rc2)

Notes

Author	Note
jdstrand	android kernels (goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 13.10 preview kernels

References

Bugs

https://launchpad.net/bugs/1312987

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›