Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2014-5146HistoryAug 22, 2014 - 2:55 p.m.
CVE-2014-5146
2014-08-2214:55:08
Debian Security Bug Tracker
security-tracker.debian.org
18
CVSS2
4.7
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:N/I:N/A:C
EPSS
0.001
Percentile
26.7%
Certain MMU virtualization operations in Xen 4.2.x through 4.4.x before the xsa97-hap patch, when using Hardware Assisted Paging (HAP), are not preemptible, which allows local HVM guest to cause a denial of service (vcpu consumption) by invoking these operations, which process every page assigned to a guest, a different vulnerability than CVE-2014-5149.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | xen | < 4.4.1-4 | xen_4.4.1-4_all.deb |
| Debian | 11 | all | xen | < 4.4.1-4 | xen_4.4.1-4_all.deb |
| Debian | 999 | all | xen | < 4.4.1-4 | xen_4.4.1-4_all.deb |
| Debian | 13 | all | xen | < 4.4.1-4 | xen_4.4.1-4_all.deb |
Related
prion
prion
Design/Logic Flaw
2014-08-22 14:55:00
Design/Logic Flaw
2014-08-22 14:55:00
ubuntucve
ubuntucve
CVE-2014-5149
2014-08-22 00:00:00
CVE-2014-5146
2014-08-22 00:00:00
nessus
nessus
Fedora 20 : xen-4.3.2-7.fc20 (2014-9472)
2014-08-25 00:00:00
Fedora 19 : xen-4.2.4-7.fc19 (2014-9493)
2014-08-25 00:00:00
OracleVM 3.3 : xen (OVMSA-2015-0004)
2015-01-23 00:00:00
cvelist
cvelist
CVE-2014-5146
2014-08-22 14:00:00
CVE-2014-5149
2014-08-22 14:00:00
nvd
nvd
CVE-2014-5146
2014-08-22 14:55:08
CVE-2014-5149
2014-08-22 14:55:08
cve
cve
CVE-2014-5146
2014-08-22 14:55:08
CVE-2014-5149
2014-08-22 14:55:08
xen
xen
Long latency virtual-mmu operations are not preemptible
2014-08-12 12:00:00
debiancve
debiancve
CVE-2014-5149
2014-08-22 14:55:08
openvas
openvas
SUSE: Security Advisory for xen (SUSE-SU-2015:0022-1)
2015-10-16 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:0022-1)
2021-04-19 00:00:00
openSUSE: Security Advisory for xen (openSUSE-SU-2015:0256-1)
2015-09-18 00:00:00
suse
suse
Security update for xen (important)
2015-01-09 12:04:44
Security update for xen (important)
2015-02-06 11:05:09
Security update for xen (important)
2015-02-11 15:05:20
gentoo
gentoo
Xen: Multiple vulnerabilities
2015-04-11 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: xen-4.3.2-7.fc20
2014-08-24 02:54:54
[SECURITY] Fedora 19 Update: xen-4.2.4-7.fc19
2014-08-24 02:54:59
[SECURITY] Fedora 20 Update: xen-4.3.3-3.fc20
2014-10-11 06:54:26
osv
osv
xen-4.7.0_12-1.3 on GA media
2024-06-15 00:00:00
CVSS2
4.7
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:N/I:N/A:C
EPSS
0.001
Percentile
26.7%
Related for DEBIANCVE:CVE-2014-5146