CVE Vulnerabilities

CVE-2014-3967

Published: Jun 05, 2014 | Modified: Oct 30, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.5 MEDIUM
AV:A/AC:L/Au:S/C:N/I:N/A:C
RedHat/V2
RedHat/V3
Ubuntu

The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x does not properly check the return value from the IRQ setup check, which allows local HVM guest administrators to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors.

Affected Software

Name Vendor Start Version End Version
Xen Xen 4.2.2 4.2.2
Xen Xen 4.2.3 4.2.3
Xen Xen 4.2.0 4.2.0
Xen Xen 4.2.1 4.2.1

References