Re: CVE Request: Linux 3.17 guest-triggerable KVM OOPS

[cve-assign () mitre org]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> Nadav Amit discovered an error in the instruction decoder that
> would cause certain RIP-relative instructions to OOPS the decoder.
> Specifically, rather than adding RIP to the operand address, RIP would
> be added to *0 from the host's perspective.

Use CVE-2014-8480.


> I also discovered that Nadav's fix was incomplete (or that there was
> another bug, depending on your perspective).  Certain invalid
> instructions (due to multiple error cases, including a failure to
> fetch part of the instruction or due to the instruction being too
> long) could trigger the same NULL pointer dereference.

Use CVE-2014-8481.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJUSgPZAAoJEKllVAevmvmspakH/06k2WAHqG90ZGTkg90CP/+Z
qO+Wlc1VorlncDDDCGphA4PyRcA66y/o3gcTfWm0EntrLwxP7U3acpk2AJWm+QE5
Ak06BW/bdLT/C6acvtIpsG2E6HdcWXZtI5AsNzT+FMmajyfHlzIoRrh+fdV2Ix+w
iF2FLlhYl65pW9j1I+Zq7hP8HusrRxVvBsPzMEu+ETKkywXvnQ8LG5tUuHGA2RDV
R5CVXX0LilC0B6OY3DkAJoXAWWHi+afO53XWjCeWAIvlO0GlZtZFQnHY8LUhttf0
8tQahl5zkREK4czACJNieUuMZF6oH358m1HgJamWKc2ZXYn1DzqztYEUfMtdnWY=
=ciPH
-----END PGP SIGNATURE-----