CVE-2014-1896

🗓️ 01 Apr 2014 06:53:35Reported by [email protected]Type

The do_send and do_recv functions in libvchan in Xen 4.2-4.4 allow local guests to cause denial of service or potentially gain privileges via crafted xenstore ring indexes

Reporter	Title	Published	Views	Family All 74
Debian CVE	CVE-2014-1896	1 Apr 201406:35	–	debiancve
Prion	Code injection	1 Apr 201406:35	–	prion
UbuntuCve	CVE-2014-1896	1 Apr 201400:00	–	ubuntucve
Cvelist	CVE-2014-1896	1 Apr 201401:00	–	cvelist
CVE	CVE-2014-1896	1 Apr 201406:35	–	cve
Xen Project	libvchan failure handling malicious ring indexes	6 Feb 201412:00	–	xen
Tenable Nessus	Fedora 20 : xen-4.3.1-9.fc20 (2014-2170)	17 Feb 201400:00	–	nessus
Tenable Nessus	Fedora 19 : xen-4.2.3-15.fc19 (2014-2188)	17 Feb 201400:00	–	nessus
Tenable Nessus	SuSE 11.3 Security Update : Xen (SAT Patch Number 8973)	14 Mar 201400:00	–	nessus
Tenable Nessus	openSUSE Security Update : xen (openSUSE-SU-2014:0483-1)	13 Jun 201400:00	–	nessus

Nvd

Node

xen xenMatch4.2.0

xen xenMatch4.2.1

xen xenMatch4.2.2

xen xenMatch4.2.3

xen xenMatch4.3.0

xen xenMatch4.3.1

xen xenMatch4.4.0rc1

Source	Link
xenbits	www.xenbits.xen.org/xsa/xsa86.patch
openwall	www.openwall.com/lists/oss-security/2014/02/07/12
security	www.security.gentoo.org/glsa/glsa-201407-03.xml
xenbits	www.xenbits.xen.org/xsa/advisory-86.html
lists	www.lists.opensuse.org/opensuse-security-announce/2014-03/msg00011.html
openwall	www.openwall.com/lists/oss-security/2014/02/10/7

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

01 Apr 2014 06:35Current

6.6Medium risk

Vulners AI Score6.6

CVSS24.9

EPSS0.00062

CWE-20