CVE Vulnerabilities

CVE-2014-7156

Published: Oct 02, 2014 | Modified: Oct 30, 2018
CVSS 3.x: N/A
Source: NVD
CVSS 2.x: 3.3 LOW (AV:A/AC:L/Au:N/C:N/I:N/A:P)
RedHat/V2: 4.9 MODERATE (AV:L/AC:L/Au:N/C:N/I:N/A:C)
RedHat/V3:
Ubuntu: MEDIUM

The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 3.3.x through 4.4.x does not check the supervisor mode permissions for instructions that generate software interrupts, which allows local HVM guest users to cause a denial of service (guest crash) via unspecified vectors.

Affected Software

Name | Vendor | Start Version | End Version
Xen | Xen | 3.3.0 (including) | 3.3.0 (including)
Xen | Xen | 3.3.1 (including) | 3.3.1 (including)
Xen | Xen | 3.3.2 (including) | 3.3.2 (including)
Xen | Xen | 4.1.0 (including) | 4.1.0 (including)
Xen | Xen | 4.1.1 (including) | 4.1.1 (including)
Xen | Xen | 4.1.2 (including) | 4.1.2 (including)
Xen | Xen | 4.1.3 (including) | 4.1.3 (including)
Xen | Xen | 4.1.4 (including) | 4.1.4 (including)
Xen | Xen | 4.1.5 (including) | 4.1.5 (including)
Xen | Xen | 4.1.6.1 (including) | 4.1.6.1 (including)
Xen | Xen | 4.2.0 (including) | 4.2.0 (including)
Xen | Xen | 4.2.1 (including) | 4.2.1 (including)
Xen | Xen | 4.2.2 (including) | 4.2.2 (including)
Xen | Xen | 4.2.3 (including) | 4.2.3 (including)
Xen | Xen | 4.3.0 (including) | 4.3.0 (including)
Xen | Xen | 4.3.1 (including) | 4.3.1 (including)
Xen | Xen | 4.4.0 (including) | 4.4.0 (including)
Xen | Xen | 4.4.0-rc1 (including) | 4.4.0-rc1 (including)
Xen | Xen | 4.4.1 (including) | 4.4.1 (including)
Xen | Ubuntu | devel | *
Xen | Ubuntu | precise | *
Xen | Ubuntu | trusty | *
Xen | Ubuntu | utopic | *
Xen | Ubuntu | vivid | *
Xen-3.3 | Ubuntu | lucid | *
Xen-3.3 | Ubuntu | upstream | *
