Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-6268

Overview

Vulnerability Score 4.9 4.9
CVE Id CVE-2014-6268
Last Modified 13 Jan 2015 03:56:07
Published 12 Jan 2015 10:59:02
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2014-6268

Summary

The evtchn_fifo_set_pending function in Xen 4.4.x allows local guest users to cause a denial of service (host crash) via vectors involving an uninitialized FIFO-based event channel control block when (1) binding or (2) moving an event to a different VCPU.

Vulnerable Systems

Operating System

  • Xen 4.4.0

Application

  • Xen 4.4.0

  • Xen 4.4.1


References

XF - xen-fifo-dos(95837)

CONFIRM - http://xenbits.xen.org/xsa/advisory-107.html

SECTRACK - 1030829

BID - 69753


Last Updated: 27 May 2016 11:07:31