Posted on by lee

CVE-2014-7188CVE-2014-7188

Affected configuration(s):

cpe:/o:xen:xen:4.1.0
cpe:/o:xen:xen:4.1.1
cpe:/o:xen:xen:4.1.2
cpe:/o:xen:xen:4.1.3
cpe:/o:xen:xen:4.1.4
cpe:/o:xen:xen:4.1.5
cpe:/o:xen:xen:4.1.6.1
cpe:/o:xen:xen:4.2.0
cpe:/o:xen:xen:4.2.1
cpe:/o:xen:xen:4.2.2
cpe:/o:xen:xen:4.2.3
cpe:/o:xen:xen:4.3.0
cpe:/o:xen:xen:4.3.1
cpe:/o:xen:xen:4.4.0:-
cpe:/o:xen:xen:4.4.0:rc1
cpe:/o:xen:xen:4.4.1:-

Date published: 2014-10-02T10:55:05.293-04:00

Date last modified: 2017-09-07T21:29:15.467-04:00

CVSS Score: 8.3

Principal attack vector: ADJACENT_NETWORK

Complexity:  LOW

Reference URL: http://lists.fedoraproject.org/pipermail/package-announce/2014-October/140199.html

Summary: The hvm_msr_read_intercept function in arch/x86/hvm/hvm.c in Xen 4.1 through 4.4.x uses an improper MSR range for x2APIC emulation, which allows local HVM guests to cause a denial of service (host crash) or read data from the hypervisor or other guests via unspecified vectors.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.