Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-2599

Overview

Vulnerability Score 4.9 4.9
CVE Id CVE-2014-2599
Last Modified 11 Dec 2014 10:01:27
Published 28 Mar 2014 11:55:08
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2014-2599

Summary

The HVMOP_set_mem_access HVM control operations in Xen 4.1.x for 32-bit and 4.1.x through 4.4.x for 64-bit allow local guest administrators to cause a denial of service (CPU consumption) by leveraging access to certain service domains for HVM guests and a large input.

Vulnerable Systems

Operating System

  • Xen 4.1.0

  • Xen 4.1.1

  • Xen 4.1.2

  • Xen 4.1.3

  • Xen 4.1.4

  • Xen 4.1.5

  • Xen 4.1.6.1

  • Xen 4.2.0

  • Xen 4.2.1

  • Xen 4.2.2

  • Xen 4.2.3

  • Xen 4.3.0

  • Xen 4.3.1

  • Xen 4.3.2

  • Xen 4.4.0


References

CONFIRM - http://xenbits.xen.org/xsa/advisory-89.html

SECTRACK - 1029956

BID - 66407

MLIST - [oss-security] 20140325 Re: Xen Security Advisory 89 - HVMOP_set_mem_access is not preemptible

MLIST - [oss-security] 20140325 Xen Security Advisory 89 - HVMOP_set_mem_access is not preemptible

SUSE - openSUSE-SU-2014:1279

DEBIAN - DSA-3006


Last Updated: 27 May 2016 11:04:48