DEBIAN-CVE-2014-8134

DEBIAN-CVE-2014-8134 PUBLISHED CVSS 3.299999952316284 LOW

The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirt_enabled setting for KVM guest kernels, which makes it easier for guest OS users to bypass the ASLR protection mechanism via a crafted application that reads a 16-bit value.

Risk Scores

CVSS v3.1

3.299999952316284

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Affected Products

Vendor	Product	Versions
Debian:12	linux	0, 0, 0
Debian:13	linux	0, 0, 0
Debian:11	linux	0, 0, 0
Debian:14	linux	0, 0, 0

Timeline

Dec 12, 2014 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2014-8134 advisory

Open in Interactive Console →