Linux Kernel 'kernel/kvm. c' local information leakage Vulnerability

Linux Kernel 'kernel/kvm. c' local information leakage Vulnerability

Release date:
Updated on:

Affected Systems:
Linux kernel
Description:
Bugtraq id: 71650
CVE (CAN) ID: CVE-2014-8134

Linux Kernel is the Kernel of the Linux operating system.

The espfix function of Linux kernel does not work for 32-bit KVM paravirt clients. Unauthorized Local Users can exploit this vulnerability to obtain the kernel stack address.

<* Source: Andy Lutomirski
*>

Suggestion:
Vendor patch:

Linux
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Https://bugzilla.redhat.com/show_bug.cgi? Id = 1172765
Http://people.canonical.com /~ Ubuntu-security/cve/2014/CVE-2014-8134.html
Https://bugzilla.novell.com/show_bug.cgi? Id = 909078
Https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1400314

The Ubuntu 13.10 (Saucy Salamander) Kernel has been upgraded to Linux Kernel 3.10 RC5

Linux Kernel 3.4.62 LTS is now available for download

How to install Linux kernel 13.10 On Ubuntu 3.12

How to install the 3.16.7 CKT2 kernel in Ubuntu 14.10, Ubuntu 14.04, and its derivative versions

Linux Kernel: click here
Linux Kernel: click here

This article permanently updates the link address: