USN-2463-1: Linux kernel vulnerabilities
First published: Tue Jan 13 2015(Updated: )
A race condition with MMIO and PIO transactions in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel was discovered. A guest OS user could exploit this flaw to cause a denial of service (guest OS crash) via a specially crafted application. (CVE-2014-7842) The KVM (kernel virtual machine) subsystem of the Linux kernel miscalculates the number of memory pages during the handling of a mapping failure. A guest OS user could exploit this to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact by leveraging guest OS privileges. (CVE-2014-8369)
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/linux-image-3.2.0-75-generic-pae | <3.2.0-75.110 | 3.2.0-75.110 |
| Ubuntu 22.04 LTS | =12.04 | |
| All of | ||
| ubuntu/linux-image-3.2.0-75-powerpc64-smp | <3.2.0-75.110 | 3.2.0-75.110 |
| Ubuntu 22.04 LTS | =12.04 | |
| All of | ||
| ubuntu/linux-image-3.2.0-75-virtual | <3.2.0-75.110 | 3.2.0-75.110 |
| Ubuntu 22.04 LTS | =12.04 | |
| All of | ||
| ubuntu/linux-image-3.2.0-75-omap | <3.2.0-75.110 | 3.2.0-75.110 |
| Ubuntu 22.04 LTS | =12.04 | |
| All of | ||
| ubuntu/linux-image-3.2.0-75-generic | <3.2.0-75.110 | 3.2.0-75.110 |
| Ubuntu 22.04 LTS | =12.04 | |
| All of | ||
| ubuntu/linux-image-3.2.0-75-powerpc-smp | <3.2.0-75.110 | 3.2.0-75.110 |
| Ubuntu 22.04 LTS | =12.04 | |
| All of | ||
| ubuntu/linux-image-3.2.0-75-highbank | <3.2.0-75.110 | 3.2.0-75.110 |
| Ubuntu 22.04 LTS | =12.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2014-7842
- https://ubuntu.com/security/CVE-2014-8369
- https://ubuntu.com/security/notices/USN-2468-1
- https://ubuntu.com/security/notices/USN-2467-1
- https://ubuntu.com/security/notices/USN-2465-1
- https://ubuntu.com/security/notices/USN-2464-1
- https://ubuntu.com/security/notices/USN-2466-1
- https://ubuntu.com/security/notices/USN-2445-1
- https://ubuntu.com/security/notices/USN-2447-1
- https://ubuntu.com/security/notices/USN-2448-1
- https://ubuntu.com/security/notices/USN-2446-1
- https://launchpad.net/ubuntu/+source/linux/3.2.0-75.110
- https://ubuntu.com/security/notices/USN-2463-1 (Advisory)
Frequently Asked Questions
What is the severity of USN-2463-1?
The severity of USN-2463-1 is categorized as high due to the potential for denial of service attacks.
How do I fix USN-2463-1?
To fix USN-2463-1, you should upgrade the affected packages to version 3.2.0-75.110 or higher.
What products are affected by USN-2463-1?
USN-2463-1 affects several Ubuntu 12.04 kernel images including linux-image-3.2.0-75-generic and others.
What causes the USN-2463-1 vulnerability?
The USN-2463-1 vulnerability is caused by a race condition with MMIO and PIO transactions in the KVM subsystem.
Can the USN-2463-1 vulnerability be exploited remotely?
Yes, the USN-2463-1 vulnerability can be exploited by a guest OS user leading to a denial of service.
- agent/severity
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/title
- agent/weakness
- agent/references
- agent/description
- agent/event
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- collector/usn
- source/Ubuntu
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu 22.04 lts
- version/ubuntu 22.04 lts/12.04