CVE-2014-5148

Name of the Vulnerable Software and Affected Versions Xen versions 4.4.x

Description The issue occurs when Xen 4.4.x, running on an ARM system, handles an unknown system register access from 64-bit userspace. Instead of returning to an instruction associated with faults in 64-bit userspace, it returns to an instruction of the trap handler for kernel space faults. This allows local guest users to cause a denial of service (crash) and possibly gain privileges via a crafted process.

Recommendations For Xen version 4.4.x, consider applying a patch or fix that corrects the handling of unknown system register accesses from 64-bit userspace to prevent denial of service and potential privilege escalation.