KVM "kvm_iommu_map_pages ()" ing failed to handle DoS Vulnerability
Release date:
Updated on:
Affected Systems:
KVM
Description:
--------------------------------------------------------------------------------
CVE (CAN) ID: CVE-2014-3601
KVM is a kernel-based virtual machine that is a full virtualization solution for Linux on x86 hardware that includes virtualization extensions (Intel VT or AMD-V.
After KVM fails to process iommu ing, an error occurs in the "kvm_iommu_map_pages ()" function (virt/kvm/iommu. c). malicious local users can exploit this vulnerability to cause host OS crash.
<* Source: Jack Morgenstein
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
KVM
---
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://git.kernel.org/cgit/virt/kvm/kvm.git/commit? Id = 350b8bdd689cd2ab2c67c8a86a0be86cfa0751a7
RHEL6 KVM virtualization creates a bridge NIC-Bridge
RedHat Linux KVM Virtual Machine bridging
Installation/bridging settings of KVM in CentOS 5.6/virtual machine creation and operation
The/bin/qemu-KVM problem cannot be found when the kvm virtual machine is installed with libvirt In Ubuntu.
This article permanently updates the link address: