Computer Security
[EN] securityvulns.ru no-pyccku


Xen multiple security vulnerabilities
Published:19.06.2014
Source:
SecurityVulns ID:13852
Type:local
Threat Level:
6/10
Description:DoS, information leakage, privilege escalation.
Affected:XEN : Xen 4.4
CVE:CVE-2014-4021 (Xen 3.2.x through 4.4.x does not properly clean memory pages recovered from guests, which allows local guest OS users to obtain sensitive information via unspecified vectors.)
 CVE-2014-3969 (Xen 4.4.x, when running on an ARM system, does not properly check write permissions on virtual addresses, which allows local guest administrators to gain privileges via unspecified vectors.)
 CVE-2014-3968 (The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x allows local guest HVM administrators to cause a denial of service (host crash) via a large number of crafted requests, which trigger an error messages to be logged.)
 CVE-2014-3967 (The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x does not properly check the return value from the IRQ setup check, which allows local HVM guest administrators to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors.)
 CVE-2013-2078 (Xen 4.0.2 through 4.0.4, 4.1.x, and 4.2.x allows local PV guest users to cause a denial of service (hypervisor crash) via certain bit combinations to the XSETBV instruction.)
Original documentdocumentXEN, [oss-security] Xen Security Advisory 100 (CVE-2014-4021) - Hypervisor heap contents leaked to guests (19.06.2014)
 documentXEN, [oss-security] Xen Security Advisory 99 - unexpected pitfall in xenaccess API (19.06.2014)
 documentXEN, [oss-security] Xen Security Advisory 98 (CVE-2014-3969) - insufficient permissions checks accessing guest memory on ARM (19.06.2014)
 documentXEN, [oss-security] Xen Security Advisory 96 (CVE-2014-3967,CVE-2014-3968) - Vulnerabilities in HVM MSI injection (19.06.2014)
 documentXEN, [oss-security] Xen Security Advisory 54 (CVE-2013-2078) - Hypervisor crash due to missing exception recovery on XSETBV (19.06.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod