Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-0055

Overview

Vulnerability Score 5.5 5.5
CVE Id CVE-2014-0055
Last Modified 17 Jul 2014 01:03:17
Published 26 Mar 2014 10:55:04
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector ADJACENT_NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2014-0055

Summary

The get_rx_bufs function in drivers/vhost/net.c in the vhost-net subsystem in the Linux kernel package before 2.6.32-431.11.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly handle vhost_get_vq_desc errors, which allows guest OS users to cause a denial of service (host OS crash) via unspecified vectors.

Vulnerable Systems

Operating System

  • Redhat Enterprise Linux 6


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=1062577

REDHAT - RHSA-2014:0328

REDHAT - RHSA-2014:0339

BID - 66441

SECUNIA - 59386


Last Updated: 27 May 2016 10:55:16