CVE-2014-7188

The hvm_msr_read_intercept function in arch/x86/hvm/hvm.c in Xen 4.1 through 4.4.x uses an improper MSR range for x2APIC emulation, which allows local HVM guests to cause a denial of service (host crash) or read data from the hypervisor or other guests via unspecified vectors.

Affected Software

Name	Vendor	Start Version	End Version
Xen	Xen	4.1.0 (including)	4.1.0 (including)
Xen	Xen	4.1.1 (including)	4.1.1 (including)
Xen	Xen	4.1.2 (including)	4.1.2 (including)
Xen	Xen	4.1.3 (including)	4.1.3 (including)
Xen	Xen	4.1.4 (including)	4.1.4 (including)
Xen	Xen	4.1.5 (including)	4.1.5 (including)
Xen	Xen	4.1.6.1 (including)	4.1.6.1 (including)
Xen	Xen	4.2.0 (including)	4.2.0 (including)
Xen	Xen	4.2.1 (including)	4.2.1 (including)
Xen	Xen	4.2.2 (including)	4.2.2 (including)
Xen	Xen	4.2.3 (including)	4.2.3 (including)
Xen	Xen	4.3.0 (including)	4.3.0 (including)
Xen	Xen	4.3.1 (including)	4.3.1 (including)
Xen	Xen	4.4.0 (including)	4.4.0 (including)
Xen	Xen	4.4.0-rc1 (including)	4.4.0-rc1 (including)
Xen	Xen	4.4.1 (including)	4.4.1 (including)
Xen	Ubuntu	devel	*
Xen	Ubuntu	precise	*
Xen	Ubuntu	trusty	*
Xen	Ubuntu	utopic	*
Xen	Ubuntu	vivid	*
Xen-3.3	Ubuntu	lucid	*
Xen-3.3	Ubuntu	upstream	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2014-7188
CWE	https://cwe.mitre.org/data/definitions/399.html

Affected Software

References