Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2014-8594HistoryNov 19, 2014 - 6:59 p.m.
CVE-2014-8594
2014-11-1918:59:10
Debian Security Bug Tracker
security-tracker.debian.org
12
5.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:N/I:N/A:C
0.006 Low
EPSS
Percentile
78.5%
The do_mmu_update function in arch/x86/mm.c in Xen 4.x through 4.4.x does not properly restrict updates to only PV page tables, which allows remote PV guests to cause a denial of service (NULL pointer dereference) by leveraging hardware emulation services for HVM guests using Hardware Assisted Paging (HAP).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | xen | < 4.4.1-4 | xen_4.4.1-4_all.deb |
| Debian | 11 | all | xen | < 4.4.1-4 | xen_4.4.1-4_all.deb |
| Debian | 999 | all | xen | < 4.4.1-4 | xen_4.4.1-4_all.deb |
| Debian | 13 | all | xen | < 4.4.1-4 | xen_4.4.1-4_all.deb |
Related
xen
xen
Insufficient restrictions on certain MMU update hypercalls
2014-11-18 12:00:00
prion
prion
Null pointer dereference
2014-11-19 18:59:00
nvd
nvd
CVE-2014-8594
2014-11-19 18:59:10
cve
cve
CVE-2014-8594
2014-11-19 18:59:10
ubuntucve
ubuntucve
CVE-2014-8594
2014-11-19 00:00:00
cvelist
cvelist
CVE-2014-8594
2014-11-19 18:00:00
nessus
nessus
Fedora 19 : xen-4.2.5-5.fc19 (2014-15503)
2014-12-02 00:00:00
Fedora 21 : xen-4.4.1-9.fc21 (2014-15951)
2014-12-15 00:00:00
Fedora 20 : xen-4.3.3-5.fc20 (2014-15521)
2014-12-02 00:00:00
openvas
openvas
Debian Security Advisory DSA 3140-1 (xen - security update)
2015-01-27 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:1700-1)
2021-06-09 00:00:00
Debian: Security Advisory (DSA-3140-1)
2015-01-26 00:00:00
osv
osv
xen - security update
2015-01-27 00:00:00
debian
debian
[SECURITY] [DSA 3140-1] xen security update
2015-01-27 10:53:46
securityvulns
securityvulns
[SECURITY] [DSA 3140-1] xen security update
2015-02-02 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: xen-4.4.1-9.fc21
2014-12-12 04:01:42
[SECURITY] Fedora 21 Update: xen-4.4.1-12.fc21
2015-01-17 05:35:38
[SECURITY] Fedora 21 Update: xen-4.4.1-16.fc21
2015-03-23 07:10:24
suse
suse
Security update for xen (important)
2015-01-09 12:04:44
Security update for xen (important)
2015-02-06 11:05:09
Security update for xen (important)
2015-02-11 15:05:20
gentoo
gentoo
Xen: Multiple vulnerabilities
2015-04-11 00:00:00
5.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:N/I:N/A:C
0.006 Low
EPSS
Percentile
78.5%
Related for DEBIANCVE:CVE-2014-8594