Lucene search
HistoryMay 19, 2014 - 2:55 p.m.
CVE-2014-3714
CVSS2
3.3
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:N/A:P
AI Score
6.2
Confidence
High
EPSS
0
Percentile
5.1%
The ARM image loading functionality in Xen 4.4.x does not properly validate kernel length, which allows local users to read system memory or cause a denial of service (crash) via a crafted 32-bit ARM guest kernel in an image, which triggers a buffer overflow.
Affected configurations
Node
xenxenMatch4.4.0
ORxenxenMatch4.4.0rc1
Related
ubuntucve
ubuntucve
CVE-2014-3714
2014-05-19 00:00:00
cve
cve
CVE-2014-3714
2014-05-19 14:55:12
cvelist
cvelist
CVE-2014-3714
2014-05-19 14:00:00
prion
prion
Buffer overflow
2014-05-19 14:55:00
debiancve
debiancve
CVE-2014-3714
2014-05-19 14:55:12
redhatcve
redhatcve
CVE-2014-3714
2015-10-30 10:34:26
securityvulns
securityvulns
Xen buffer overflow
2014-05-15 00:00:00
xen
xen
input handling vulnerabilities loading guest kernel on ARM
2014-05-14 10:44:00
CVSS2
3.3
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:N/A:P
AI Score
6.2
Confidence
High
EPSS
0
Percentile
5.1%
Related for NVD:CVE-2014-3714