CVE-2014-5146

🗓️ 22 Aug 2014 14:00:00Reported by mitreType

Certain MMU virtualization operations in Xen 4.2.x through 4.4.x before the xsa97-hap patch, when using Hardware Assisted Paging (HAP), are not preemptible, which allows local HVM guest to cause a denial of service (vcpu consumption) by invoking these operations

Reporter	Title	Published	Views	Family All 60
Cvelist	CVE-2014-5146	22 Aug 201414:00	–	cvelist
Debian CVE	CVE-2014-5146	22 Aug 201414:00	–	debiancve
EUVD	EUVD-2014-5044	7 Oct 202500:30	–	euvd
Fedora	[SECURITY] Fedora 19 Update: xen-4.2.5-5.fc19	1 Dec 201419:01	–	fedora
Fedora	[SECURITY] Fedora 20 Update: xen-4.3.3-5.fc20	1 Dec 201419:01	–	fedora
Fedora	[SECURITY] Fedora 19 Update: xen-4.2.5-3.fc19	11 Oct 201406:57	–	fedora
Fedora	[SECURITY] Fedora 20 Update: xen-4.3.3-12.fc20	22 Mar 201504:31	–	fedora
Fedora	[SECURITY] Fedora 20 Update: xen-4.3.4-3.fc20	2 May 201518:09	–	fedora
Fedora	[SECURITY] Fedora 20 Update: xen-4.3.2-7.fc20	24 Aug 201402:54	–	fedora
Fedora	[SECURITY] Fedora 19 Update: xen-4.2.4-7.fc19	24 Aug 201402:54	–	fedora

NVD

Node

opensuse opensuseMatch13.1

opensuse opensuseMatch13.2

Node

xen xenMatch4.2.0

xen xenMatch4.2.1

xen xenMatch4.2.2

xen xenMatch4.2.3

xen xenMatch4.3.0

xen xenMatch4.3.1

xen xenMatch4.4.0

Source	Link
lists	www.lists.fedoraproject.org/pipermail/package-announce/2014-August/136980.html
xenbits	www.xenbits.xen.org/xsa/advisory-97.html
lists	www.lists.fedoraproject.org/pipermail/package-announce/2014-August/136981.html
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/95234
securitytracker	www.securitytracker.com/id/1030723
lists	www.lists.opensuse.org/opensuse-security-announce/2015-02/msg00005.html
lists	www.lists.opensuse.org/opensuse-security-announce/2015-02/msg00010.html
security	www.security.gentoo.org/glsa/201504-04
securityfocus	www.securityfocus.com/bid/69198

06 May 2026 22:30Current

4.1Medium risk

Vulners AI Score4.1

CVSS 24.7

EPSS0.0007

CWE-399