CVE-2014-2580CVE-2014-2580

Affected configuration(s):

cpe:/o:xen:xen:-

Date published: 2014-04-15T19:13:13.337-04:00

Date last modified: 2014-04-16T09:57:39.067-04:00

CVSS Score: 4.4

Principal attack vector: LOCAL

Complexity:  MEDIUM

Reference URL: http://www.openwall.com/lists/oss-security/2014/03/24/6

Summary: The netback driver in Xen, when using certain Linux versions that do not allow sleeping in softirq context, allows local guest administrators to cause a denial of service (“scheduling while atomic” error and host crash) via a malformed packet, which causes a mutex to be taken when trying to disable the interface.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.