CVE-2014-3124

The HVMOP_set_mem_type control in Xen 4.1 through 4.4.x allows local guest HVM administrators to cause a denial of service (hypervisor crash) or possibly execute arbitrary code by leveraging a separate qemu-dm vulnerability to trigger invalid page table translations for unspecified memory page types.

Affected Software

Name	Vendor	Start Version	End Version
Xen	Xen	4.1.0 (including)	4.1.0 (including)
Xen	Xen	4.1.1 (including)	4.1.1 (including)
Xen	Xen	4.1.2 (including)	4.1.2 (including)
Xen	Xen	4.1.3 (including)	4.1.3 (including)
Xen	Xen	4.1.4 (including)	4.1.4 (including)
Xen	Xen	4.1.5 (including)	4.1.5 (including)
Xen	Xen	4.1.6.1 (including)	4.1.6.1 (including)
Xen	Xen	4.2.0 (including)	4.2.0 (including)
Xen	Xen	4.2.1 (including)	4.2.1 (including)
Xen	Xen	4.2.2 (including)	4.2.2 (including)
Xen	Xen	4.2.3 (including)	4.2.3 (including)
Xen	Xen	4.3.0 (including)	4.3.0 (including)
Xen	Xen	4.3.1 (including)	4.3.1 (including)
Xen	Xen	4.4.0 (including)	4.4.0 (including)
Xen	Xen	4.4.0-rc1 (including)	4.4.0-rc1 (including)
Xen	Ubuntu	devel	*
Xen	Ubuntu	precise	*
Xen	Ubuntu	quantal	*
Xen	Ubuntu	saucy	*
Xen	Ubuntu	trusty	*
Xen-3.3	Ubuntu	upstream	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2014-3124
CWE	https://cwe.mitre.org/data/definitions/264.html

Affected Software

References