CVE Vulnerabilities

CVE-2014-1895

Published: Apr 01, 2014 | Modified: Jan 07, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.8 MEDIUM
AV:A/AC:M/Au:S/C:P/I:N/A:C
RedHat/V2
5 MODERATE
AV:A/AC:H/Au:S/C:P/I:N/A:C
RedHat/V3
Ubuntu
MEDIUM

Off-by-one error in the flask_security_avc_cachestats function in xsm/flask/flask_op.c in Xen 4.2.x and 4.3.x, when the maximum number of physical CPUs are in use, allows local users to cause a denial of service (host crash) or obtain sensitive information from hypervisor memory by leveraging a FLASK_AVC_CACHESTAT hypercall, which triggers a buffer over-read.

Affected Software

Name Vendor Start Version End Version
Xen Xen 4.2.0 (including) 4.2.0 (including)
Xen Xen 4.2.1 (including) 4.2.1 (including)
Xen Xen 4.2.2 (including) 4.2.2 (including)
Xen Xen 4.2.3 (including) 4.2.3 (including)
Xen Xen 4.3.0 (including) 4.3.0 (including)
Xen Xen 4.3.1 (including) 4.3.1 (including)
Xen Ubuntu devel *
Xen Ubuntu saucy *
Xen-3.3 Ubuntu upstream *

References