VDB

GCVE-110-MAGEIA-2014-474

GCVE-110-MAGEIA-2014-474
Advisory Published
Vulnetix · Advisory published November 21, 2014
This kernel update is based on upstream -longterm 3.14.24 and fixes the following security issues: The WRMSR processing functionality in the KVM subsystem in the Linux kernel through 3.17.2 does not properly handle the writing of a non- canonical address to a model-specific register, which allows guest OS users to cause a denial of service (host OS crash) by leveraging guest OS privileges, related to the wrmsr_interception function in arch/x86/kvm/svm.c and the handle_wrmsr function in arch/x86/kvm/vmx.c (CVE-2014-3610). Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a denial of service (host OS crash) by leveraging incorrect PIT emulation (CVE-2014-3611). arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel through 3.17.2 does not have an exit handler for the INVVPID instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application (CVE-2014-3646). arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application (CVE-2014-3647). Other changes: Revert "drivers/net: Disable UFO through virtio" as it breaks VM migration add ahci support for Intel Sunrise Point / Skylake make INTEL_MEI modular (mga#14469) For other upstream changes, read the referenced changelog.

Affected Products

VendorProductVersionsPlatforms
Mageiakmod-xtables-addons0 (affected), 2.5-7.mga4 (unaffected)
Mageiakmod-vboxadditions0 (affected), 4.3.18-4.mga4 (unaffected)
Mageiakernel-userspace-headers0 (affected), 3.14.24-1.mga4 (unaffected)
Mageiakmod-nvidia1730 (affected), 173.14.39-27.mga4.nonfree (unaffected)
Mageiakmod-nvidia-current0 (affected), 331.79-12.mga4.nonfree (unaffected)
Mageiakmod-virtualbox4.3.18-4.mga4 (unaffected), 0 (affected)
Mageiakmod-nvidia304304.121-7.mga4.nonfree (unaffected), 0 (affected)
Mageiakernel0 (affected), 3.14.24-1.mga4 (unaffected)
Mageiakmod-fglrx0 (affected), 14.010.1006-12.mga4.nonfree (unaffected)
Mageiakmod-broadcom-wl0 (affected), 6.30.223.141-42.mga4.nonfree (unaffected)

Browse GCVE Records

72,664 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›