PT-2014-8741 · Xen+2 · Xen+2

Jan Beulich

Publicado

2014-12-01

Atualizado

2018-10-30

CVE-2014-8867

CVSS v2.0

4.9

Média

Vetor

AV:L/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Xen versions 4.4.x, 3.2.x and earlier

Description The issue is related to the acceleration support for the "REP MOVS" instruction, which lacks proper bounds checking for memory mapped I/O (MMIO) emulated in the hypervisor. This allows local HVM guests to cause a denial of service (host crash) via unspecified vectors.

Recommendations For Xen versions 4.4.x, 3.2.x and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-17

Identificadores relacionados

CVE-2014-8867

DSA-3140-1

OPENSUSE-SU-2015_0226-1

OPENSUSE-SU-2015_0256-1

RHSA-2015:0783

RHSA-2015_0783

SUSE-SU-2015:0940-1

Produtos afetados

Red Hat

Suse

Xen

PT-2014-8741 · Xen+2 · Xen+2

CVE-2014-8867

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 79