Lucene search
MitreCVELIST:CVE-2014-8594HistoryNov 19, 2014 - 6:00 p.m.
CVE-2014-8594
2014-11-1918:00:00
mitre
www.cve.org
The do_mmu_update function in arch/x86/mm.c in Xen 4.x through 4.4.x does not properly restrict updates to only PV page tables, which allows remote PV guests to cause a denial of service (NULL pointer dereference) by leveraging hardware emulation services for HVM guests using Hardware Assisted Paging (HAP).
References
lists.opensuse.org/opensuse-security-announce/2015-02/msg00005.html
lists.opensuse.org/opensuse-security-announce/2015-02/msg00010.html
secunia.com/advisories/62672
www.debian.org/security/2015/dsa-3140
www.securityfocus.com/bid/71149
xenbits.xen.org/xsa/advisory-109.html
exchange.xforce.ibmcloud.com/vulnerabilities/98767
security.gentoo.org/glsa/201504-04
Related
debiancve
debiancve
CVE-2014-8594
2014-11-19 18:59:10
xen
xen
Insufficient restrictions on certain MMU update hypercalls
2014-11-18 12:00:00
prion
prion
Null pointer dereference
2014-11-19 18:59:00
cve
cve
CVE-2014-8594
2014-11-19 18:59:10
nvd
nvd
CVE-2014-8594
2014-11-19 18:59:10
ubuntucve
ubuntucve
CVE-2014-8594
2014-11-19 00:00:00
nessus
nessus
Fedora 21 : xen-4.4.1-9.fc21 (2014-15951)
2014-12-15 00:00:00
Fedora 19 : xen-4.2.5-5.fc19 (2014-15503)
2014-12-02 00:00:00
Fedora 20 : xen-4.3.3-5.fc20 (2014-15521)
2014-12-02 00:00:00
debian
debian
[SECURITY] [DSA 3140-1] xen security update
2015-01-27 10:53:46
securityvulns
securityvulns
[SECURITY] [DSA 3140-1] xen security update
2015-02-02 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2014:1700-1)
2021-06-09 00:00:00
Debian Security Advisory DSA 3140-1 (xen - security update)
2015-01-27 00:00:00
Debian: Security Advisory (DSA-3140-1)
2015-01-26 00:00:00
osv
osv
xen - security update
2015-01-27 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: xen-4.4.1-9.fc21
2014-12-12 04:01:42
[SECURITY] Fedora 21 Update: xen-4.4.1-12.fc21
2015-01-17 05:35:38
[SECURITY] Fedora 21 Update: xen-4.4.1-16.fc21
2015-03-23 07:10:24
suse
suse
Security update for xen (important)
2015-01-09 12:04:44
Security update for xen (important)
2015-02-06 11:05:09
Security update for xen (important)
2015-02-11 15:05:20
gentoo
gentoo
Xen: Multiple vulnerabilities
2015-04-11 00:00:00