[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247768

 
 

909

 
 

194555

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2014-3124Date: (C)2014-05-15   (M)2023-12-22


The HVMOP_set_mem_type control in Xen 4.1 through 4.4.x allows local guest HVM administrators to cause a denial of service (hypervisor crash) or possibly execute arbitrary code by leveraging a separate qemu-dm vulnerability to trigger invalid page table translations for unspecified memory page types.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.7
Exploit Score: 5.1
Impact Score: 8.5
 
CVSS V2 Metrics:
Access Vector: ADJACENT_NETWORK
Access Complexity: LOW
Authentication: SINGLE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: COMPLETE
  
Reference:
SECTRACK-1030160
BID-67113
DSA-3006
FEDORA-2014-5915
FEDORA-2014-5941
GLSA-201407-03
http://www.openwall.com/lists/oss-security/2014/04/29/1
http://www.openwall.com/lists/oss-security/2014/04/30/10
http://xenbits.xen.org/xsa/advisory-92.html
openSUSE-SU-2014:1281

CPE    14
cpe:/o:xen:xen:4.1.6.1
cpe:/o:xen:xen:4.1.0
cpe:/o:xen:xen:4.1.4
cpe:/o:xen:xen:4.2.3
...
CWE    1
CWE-264
OVAL    21
oval:org.secpod.oval:def:601746
oval:org.secpod.oval:def:108686
oval:org.secpod.oval:def:108802
oval:org.secpod.oval:def:108879
...

© SecPod Technologies