CVE-2014-5149

Name of the Vulnerable Software and Affected Versions Xen versions 4.2.x through 4.4.x

Description The issue is related to certain MMU virtualization operations in Xen when using shadow pagetables. These operations are not preemptible, allowing a local HVM guest to cause a denial of service by consuming vcpu resources. This can be achieved by invoking these operations, which process every page assigned to a guest.

Recommendations For Xen versions 4.2.x through 4.4.x, consider disabling the use of shadow pagetables as a temporary workaround to minimize the risk of exploitation. However, at the moment, there is no information about a newer version that contains a fix for this vulnerability.