Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2014-1666HistoryJan 26, 2014 - 4:58 p.m.
CVE-2014-1666
2014-01-2616:58:11
Debian Security Bug Tracker
security-tracker.debian.org
10
0.004 Low
EPSS
Percentile
72.9%
The do_physdev_op function in Xen 4.1.5, 4.1.6.1, 4.2.2 through 4.2.3, and 4.3.x does not properly restrict access to the (1) PHYSDEVOP_prepare_msix and (2) PHYSDEVOP_release_msix operations, which allows local PV guests to cause a denial of service (host or guest malfunction) or possibly gain privileges via unspecified vectors.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | xen | < 4.4.0-1 | xen_4.4.0-1_all.deb |
| Debian | 11 | all | xen | < 4.4.0-1 | xen_4.4.0-1_all.deb |
| Debian | 10 | all | xen | < 4.4.0-1 | xen_4.4.0-1_all.deb |
| Debian | 999 | all | xen | < 4.4.0-1 | xen_4.4.0-1_all.deb |
| Debian | 13 | all | xen | < 4.4.0-1 | xen_4.4.0-1_all.deb |
Related
cve
cve
CVE-2014-1666
2014-01-26 16:58:11
prion
prion
Design/Logic Flaw
2014-01-26 16:58:00
cvelist
cvelist
CVE-2014-1666
2014-01-26 11:00:00
xen
xen
PHYSDEVOP_{prepare,release}_msix exposed to unprivileged guests
2014-01-23 17:38:00
ubuntucve
ubuntucve
CVE-2014-1666
2014-01-26 00:00:00
nessus
nessus
Fedora 20 : xen-4.3.1-8.fc20 (2014-1552)
2014-02-03 00:00:00
Fedora 19 : xen-4.2.3-14.fc19 (2014-1559)
2014-02-03 00:00:00
Citrix XenServer Multiple Vulnerabilities (CTX200288)
2014-12-05 00:00:00
openvas
openvas
Citrix XenServer Multiple Security Updates (CTX200288)
2014-12-18 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:0372-1)
2021-06-09 00:00:00
SUSE: Security Advisory for Xen (SUSE-SU-2014:0372-1)
2015-10-16 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: xen-4.3.1-8.fc20
2014-02-03 02:43:51
[SECURITY] Fedora 20 Update: xen-4.3.1-9.fc20
2014-02-16 23:21:24
[SECURITY] Fedora 20 Update: xen-4.3.2-1.fc20
2014-03-02 03:45:00
suse
suse
Security update for Xen (important)
2014-03-14 00:04:13
Security update for Xen (important)
2014-03-14 00:06:40
gentoo
gentoo
Xen: Multiple Vunlerabilities
2014-07-16 00:00:00