Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2014-1896HistoryApr 01, 2014 - 6:35 a.m.
CVE-2014-1896
2014-04-0106:35:53
Debian Security Bug Tracker
security-tracker.debian.org
15
CVSS2
4.9
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:M/Au:S/C:P/I:P/A:P
EPSS
0.001
Percentile
26.7%
The (1) do_send and (2) do_recv functions in io.c in libvchan in Xen 4.2.x, 4.3.x, and 4.4-RC series allows local guests to cause a denial of service or possibly gain privileges via crafted xenstore ring indexes, which triggers a “read or write past the end of the ring.”
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | xen | < 4.4.0-1 | xen_4.4.0-1_all.deb |
| Debian | 11 | all | xen | < 4.4.0-1 | xen_4.4.0-1_all.deb |
| Debian | 999 | all | xen | < 4.4.0-1 | xen_4.4.0-1_all.deb |
| Debian | 13 | all | xen | < 4.4.0-1 | xen_4.4.0-1_all.deb |
Related
prion
prion
Code injection
2014-04-01 06:35:00
ubuntucve
ubuntucve
CVE-2014-1896
2014-04-01 00:00:00
xen
xen
libvchan failure handling malicious ring indexes
2014-02-06 12:00:00
cvelist
cvelist
CVE-2014-1896
2014-04-01 01:00:00
cve
cve
CVE-2014-1896
2014-04-01 06:35:53
nvd
nvd
CVE-2014-1896
2014-04-01 06:35:53
nessus
nessus
Fedora 19 : xen-4.2.3-15.fc19 (2014-2188)
2014-02-17 00:00:00
Fedora 20 : xen-4.3.1-9.fc20 (2014-2170)
2014-02-17 00:00:00
SuSE 11.3 Security Update : Xen (SAT Patch Number 8973)
2014-03-14 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: xen-4.3.1-9.fc20
2014-02-16 23:21:24
[SECURITY] Fedora 20 Update: xen-4.3.2-1.fc20
2014-03-02 03:45:00
[SECURITY] Fedora 20 Update: xen-4.3.2-2.fc20
2014-04-06 02:35:21
openvas
openvas
SUSE: Security Advisory for Xen (SUSE-SU-2014:0373-1)
2015-10-13 00:00:00
Fedora Update for xen FEDORA-2014-2170
2014-02-17 00:00:00
Fedora Update for xen FEDORA-2014-2170
2014-02-17 00:00:00
suse
suse
Security update for Xen (important)
2014-03-14 00:06:40
gentoo
gentoo
Xen: Multiple Vunlerabilities
2014-07-16 00:00:00
CVSS2
4.9
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:M/Au:S/C:P/I:P/A:P
EPSS
0.001
Percentile
26.7%
Related for DEBIANCVE:CVE-2014-1896