Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-2915

Overview

Vulnerability Score 5.5 5.5
CVE Id CVE-2014-2915
Last Modified 24 Apr 2014 03:18:10
Published 24 Apr 2014 10:55:04
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector ADJACENT_NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2014-2915

Summary

Xen 4.4.x, when running on ARM systems, does not properly restrict access to hardware features, which allows local guest users to cause a denial of service (host or guest crash) via unspecified vectors, related to (1) cache control, (2) coprocessors, (3) debug registers, and (4) other unspecified registers.

Vulnerable Systems

Operating System

  • Xen 4.4.0


References

CONFIRM - http://xenbits.xen.org/xsa/advisory-93.html

SECTRACK - 1030135

MLIST - [oss-security] 20140423 Xen Security Advisory 93 (CVE-2014-2915) - Hardware features unintentionally exposed to guests on ARM

MLIST - [oss-security] 20140422 Re: Xen Security Advisory 93 - Hardware features unintentionally exposed to guests on ARM


Last Updated: 27 May 2016 11:05:05