[security-announce] Kernel-kvm: Security update

Sona Sarmadi sona.sarmadi at enea.com
Thu Jan 22 13:46:28 CET 2015


			Enea Linux Security Advisory

kernel: kvm: invalid parameter passing in kvm_iommu_map_pages()
======================================================================
Product/package: Kernel-kvm: (FSL kernel: 3.8.11)
Severity: Moderate
Issue date: 2015-01-22
CVE Names: CVE-2014-3601
Layer: meta-enea
======================================================================
A security patch that fixes CVE-2014-3601 is now available in the
"http://linux.enea.com/4.0/patches" folder:

README file: 0019-kvm-iommu-CVE-2014-3601.README
Patch file: 0019-kvm-iommu-CVE-2014-3601.patch

Description
===========
The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux
kernel through 3.16.1 miscalculates the number of pages during
the handling of a mapping failure, which allows guest OS users
to (1) cause a denial of service (host OS memory corruption)
or possibly have unspecified other impact by triggering a large
gfn value or (2) cause a denial of service (host OS memory
consumption) by triggering a small gfn value that leads to
permanently pinned pages.

Reference
==========
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3601

How to apply the patches
=========================
If you don't have installed the Enea Linux 4.0 Release:

# wget http://linux.enea.com/4.0/Enea-Linux-4.0.tar.gz
# tar zxvf Enea-Linux-4.0.tar.gz

If you have already installed the Enea Linux 4.0 Release:

# cd Enea-Linux-4.0/poky/meta-enea
# wget http://linux.enea.com/4.0/patches/0019-kvm-iommu-CVE-2014-3601.patch
# patch -p1 < ./0019-kvm-iommu-CVE-2014-3601.patch


If you have any questions regarding the security patches and security
updates please contact security at enea.com.

ESRT (Enea Security Response Team)
Sona Sarmadi
Software Engineer/Security Responsible for Enea Linux
Mobile: +46 70 971 4475
www.enea.com

This message, including attachments, is CONFIDENTIAL. It may also be
privileged or otherwise protected by law. If you received this email by
mistake please let us know by reply and then delete it from your system;
you should not copy it or disclose its contents to anyone.




More information about the security-announce mailing list