VDB
GCVE-110-MAGEIA-2014-475
GCVE-110-MAGEIA-2014-475
Advisory Published
This kernel update is based on upstream -longterm 3.10.60 and
fixes the following security issues:
The WRMSR processing functionality in the KVM subsystem in the Linux
kernel through 3.17.2 does not properly handle the writing of a non-
canonical address to a model-specific register, which allows guest OS
users to cause a denial of service (host OS crash) by leveraging guest
OS privileges, related to the wrmsr_interception function in
arch/x86/kvm/svm.c and the handle_wrmsr function in arch/x86/kvm/vmx.c
(CVE-2014-3610).
Race condition in the __kvm_migrate_pit_timer function in
arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through
3.17.2 allows guest OS users to cause a denial of service (host OS crash)
by leveraging incorrect PIT emulation (CVE-2014-3611).
arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through
3.17.2 does not properly perform RIP changes, which allows guest OS users
to cause a denial of service (guest OS crash) via a crafted application
(CVE-2014-3647).
For other upstream changes, read the referenced changelogs.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | kmod-nvidia173 | 0 (affected), 173.14.38-39.mga3.nonfree (unaffected) | — |
| Mageia | kernel | 3.10.60-1.mga3 (unaffected), 0 (affected) | — |
| Mageia | kmod-fglrx | 0 (affected), 13.251-15.mga3.nonfree (unaffected) | — |
| Mageia | kmod-xtables-addons | 0 (affected), 2.3-25.mga3 (unaffected) | — |
| Mageia | kmod-vboxadditions | 0 (affected), 4.3.18-3.mga3 (unaffected) | — |
| Mageia | kmod-nvidia304 | 0 (affected), 304.108-25.mga3.nonfree (unaffected) | — |
| Mageia | kmod-broadcom-wl | 6.30.223.141-25.mga3.nonfree (unaffected), 0 (affected) | — |
| Mageia | kmod-nvidia-current | 0 (affected), 319.60-25.mga3.nonfree (unaffected) | — |
| Mageia | kernel-userspace-headers | 3.10.60-1.mga3 (unaffected), 0 (affected) | — |
| Mageia | kmod-virtualbox | 4.3.18-3.mga3 (unaffected), 0 (affected) | — |
Browse GCVE Records
72,409 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.