{"id":"MGASA-2014-0474","summary":"Updated kernel packages fix security vulnerabilities","details":"This kernel update is based on upstream -longterm 3.14.24 and\nfixes the following security issues:\n\nThe WRMSR processing functionality in the KVM subsystem in the Linux\nkernel through 3.17.2 does not properly handle the writing of a non-\ncanonical address to a model-specific register, which allows guest OS\nusers to cause a denial of service (host OS crash) by leveraging guest\nOS privileges, related to the wrmsr_interception function in\narch/x86/kvm/svm.c and the handle_wrmsr function in arch/x86/kvm/vmx.c\n(CVE-2014-3610).\n\nRace condition in the __kvm_migrate_pit_timer function in\narch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through\n3.17.2 allows guest OS users to cause a denial of service (host OS crash)\nby leveraging incorrect PIT emulation (CVE-2014-3611).\n\narch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel through 3.17.2\ndoes not have an exit handler for the INVVPID instruction, which allows\nguest OS users to cause a denial of service (guest OS crash) via a crafted\napplication (CVE-2014-3646).\n\narch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through\n3.17.2 does not properly perform RIP changes, which allows guest OS users\nto cause a denial of service (guest OS crash) via a crafted application\n(CVE-2014-3647).\n\nOther changes:\nRevert \"drivers/net: Disable UFO through virtio\" as it breaks VM migration\nadd ahci support for Intel Sunrise Point / Skylake\nmake INTEL_MEI modular (mga#14469)\n\nFor other upstream changes, read the referenced changelog.\n","modified":"2026-04-16T06:22:52.002520218Z","published":"2014-11-21T12:44:16Z","upstream":["CVE-2014-3610","CVE-2014-3611","CVE-2014-3646","CVE-2014-3647"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2014-0474.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=14570"},{"type":"WEB","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.24"}],"affected":[{"package":{"name":"kernel","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kernel?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.14.24-1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0474.json"}},{"package":{"name":"kernel-userspace-headers","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kernel-userspace-headers?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.14.24-1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0474.json"}},{"package":{"name":"kmod-vboxadditions","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kmod-vboxadditions?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.3.18-4.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0474.json"}},{"package":{"name":"kmod-virtualbox","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kmod-virtualbox?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.3.18-4.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0474.json"}},{"package":{"name":"kmod-xtables-addons","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kmod-xtables-addons?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.5-7.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0474.json"}},{"package":{"name":"kmod-broadcom-wl","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kmod-broadcom-wl?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.30.223.141-42.mga4.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0474.json"}},{"package":{"name":"kmod-fglrx","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kmod-fglrx?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"14.010.1006-12.mga4.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0474.json"}},{"package":{"name":"kmod-nvidia173","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kmod-nvidia173?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"173.14.39-27.mga4.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0474.json"}},{"package":{"name":"kmod-nvidia304","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kmod-nvidia304?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"304.121-7.mga4.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0474.json"}},{"package":{"name":"kmod-nvidia-current","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kmod-nvidia-current?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"331.79-12.mga4.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0474.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}