PT-2014-6301 · Xen+2 · Xen+2

Jan Beulich

Publicado

2014-08-22

Atualizado

2024-06-15

CVE-2014-5146

CVSS v2.0

4.7

Média

Vetor

AV:L/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Xen versions 4.2.x through 4.4.x

Description The issue affects certain MMU virtualization operations in Xen when using Hardware Assisted Paging (HAP). These operations are not preemptible, allowing a local HVM guest to cause a denial of service by consuming vcpu resources. This can be achieved by invoking these operations, which process every page assigned to a guest.

Recommendations For Xen versions 4.2.x through 4.4.x, apply the xsa97-hap patch to resolve the issue.

Correção

DoS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-399

Identificadores relacionados

ALT-PU-2014-2061

CVE-2014-5146

OPENSUSE-SU-2015_0226-1

OPENSUSE-SU-2015_0256-1

OPENSUSE-SU-2024:10196-1

Produtos afetados

Alt Linux

Suse

Xen

PT-2014-6301 · Xen+2 · Xen+2

CVE-2014-5146

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 177