** Description changed: The ioapic_deliver function in virt/kvm/ioapic.c in the Linux kernel through 3.14.1 does not properly validate the kvm_irq_delivery_to_apic return value, which allows guest OS users to cause a denial of service (host OS crash) via a crafted entry in the redirection table of an I/O APIC. NOTE: the affected code was moved to the ioapic_service function before the vulnerability was announced. + + Break-Fix: 2c2bf01136971c33e3b3fabce23925f372c1017e + 5678de3f15010b9022ee45673f33bcfc71d47b60
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1312987 Title: CVE-2014-0155 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1312987/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
