Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2014-1896
HistoryApr 01, 2014 - 12:00 a.m.

CVE-2014-1896

2014-04-0100:00:00
ubuntu.com
ubuntu.com
7

4.9 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:M/Au:S/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

26.9%

JSON

The (1) do_send and (2) do_recv functions in io.c in libvchan in Xen 4.2.x,
4.3.x, and 4.4-RC series allows local guests to cause a denial of service
or possibly gain privileges via crafted xenstore ring indexes, which
triggers a “read or write past the end of the ring.”

Notes

Author Note
mdeslaur This is XSA-86 libvchan not packaged in Ubuntu. 4.2+ only
OSVersionArchitecturePackageVersionFilename
ubuntu13.10noarchxen< 4.3.0-1ubuntu1.3UNKNOWN

Related

debiancve 1
xen 1
nvd 1
cve 1
cvelist 1
prion 1
nessus 5
openvas 35
fedora 26
suse 1
gentoo 1
debiancve
debiancve
CVE-2014-1896
2014-04-01 06:35:53
xen
xen
libvchan failure handling malicious ring indexes
2014-02-06 12:00:00
nvd
nvd
CVE-2014-1896
2014-04-01 06:35:53
cve
cve
CVE-2014-1896
2014-04-01 06:35:53
cvelist
cvelist
CVE-2014-1896
2014-04-01 01:00:00
prion
prion
Code injection
2014-04-01 06:35:00
nessus
nessus
Fedora 20 : xen-4.3.1-9.fc20 (2014-2170)
2014-02-17 00:00:00
Fedora 19 : xen-4.2.3-15.fc19 (2014-2188)
2014-02-17 00:00:00
SuSE 11.3 Security Update : Xen (SAT Patch Number 8973)
2014-03-14 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2014:0373-1)
2021-06-09 00:00:00
SUSE: Security Advisory for Xen (SUSE-SU-2014:0373-1)
2015-10-13 00:00:00
Fedora Update for xen FEDORA-2014-2170
2014-02-17 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: xen-4.3.1-9.fc20
2014-02-16 23:21:24
[SECURITY] Fedora 20 Update: xen-4.3.2-3.fc20
2014-05-12 05:19:03
[SECURITY] Fedora 20 Update: xen-4.3.2-2.fc20
2014-04-06 02:35:21
suse
suse
Security update for Xen (important)
2014-03-14 00:06:40
gentoo
gentoo
Xen: Multiple Vunlerabilities
2014-07-16 00:00:00

4.9 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:M/Au:S/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

26.9%

JSON
Related for UB:CVE-2014-1896
debiancve1xen1nvd1cve1cvelist1prion1nessus5openvas35fedora26suse1gentoo1