Linux Kernel KVM incomplete repair of Denial of Service Vulnerability (CVE-2014-8481)

Linux Kernel KVM incomplete repair of Denial of Service Vulnerability (CVE-2014-8481)

Release date:
Updated on:

Affected Systems:
Linux kernel
Description:
Bugtraq id: 70712
CVE (CAN) ID: CVE-2014-8481

Linux Kernel is the Kernel of the Linux operating system.

Linux Kernel 3.17 has a denial of service vulnerability, which is caused by incomplete repair of the CVE-2014-8480, the problem still exists in the Instruction Decoding Module. Remote attackers exploit this vulnerability by using special invalid commands, which can cause a null pointer reference.

<* Source: Andy Lutomirski
*>

Suggestion:
Vendor patch:

Linux
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Http://git.kernel.org/cgit/virt/kvm/kvm.git/commit? Id = a424c9166312e1aa3d80bce32374233bdbfeba32

The Ubuntu 13.10 (Saucy Salamander) Kernel has been upgraded to Linux Kernel 3.10 RC5

Linux Kernel 3.4.62 LTS is now available for download

How to install Linux kernel 13.10 On Ubuntu 3.12

Linux Kernel: click here
Linux Kernel: click here

This article permanently updates the link address: