Lucene search

PRIOn knowledge basePRION:CVE-2014-7155

HistoryOct 02, 2014 - 2:55 p.m.

Information disclosure

2014-10-0214:55:00

PRIOn knowledge base

www.prio-n.com

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.7%

JSON

The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 4.4.x and earlier does not properly check supervisor mode permissions, which allows local HVM users to cause a denial of service (guest crash) or gain guest kernel mode privileges via vectors involving an (1) HLT, (2) LGDT, (3) LIDT, or (4) LMSW instruction.

CPENameOperatorVersion
debian_linuxeq7.0
fedoraeq20
fedoraeq19
opensuseeq12.3
opensuseeq13.1
xeneq3.2.0
xeneq4.1.5
xeneq3.2.1
xeneq4.2.2
xeneq4.2.3

Name	Operator	Version
debian_linux	eq	7.0
fedora	eq	20
fedora	eq	19
opensuse	eq	12.3
opensuse	eq	13.1
xen	eq	3.2.0
xen	eq	4.1.5
xen	eq	3.2.1
xen	eq	4.2.2
xen	eq	4.2.3

Rows per page:

1-10 of 431

References

lists.opensuse.org/opensuse-security-announce/2014-10/msg00002.html

lists.opensuse.org/opensuse-security-announce/2014-10/msg00003.html

secunia.com/advisories/61858

secunia.com/advisories/61890

security.gentoo.org/glsa/glsa-201412-42.xml

support.citrix.com/article/CTX200218

www.debian.org/security/2014/dsa-3041

www.securityfocus.com/bid/70057

www.securitytracker.com/id/1030888

xenbits.xen.org/xsa/advisory-105.html

lists.fedoraproject.org/pipermail/package-announce/2014-October/140418.html

lists.fedoraproject.org/pipermail/package-announce/2014-October/140483.html