Lucene search

K
nvd[email protected]NVD:CVE-2014-7155
HistoryOct 02, 2014 - 2:55 p.m.

CVE-2014-7155

2014-10-0214:55:05
CWE-264
web.nvd.nist.gov
7

CVSS2

5.8

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.1

Confidence

High

EPSS

0.001

Percentile

26.7%

The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 4.4.x and earlier does not properly check supervisor mode permissions, which allows local HVM users to cause a denial of service (guest crash) or gain guest kernel mode privileges via vectors involving an (1) HLT, (2) LGDT, (3) LIDT, or (4) LMSW instruction.

Affected configurations

Nvd
Node
xenxenRange4.4.0
OR
xenxenMatch3.0.2
OR
xenxenMatch3.0.3
OR
xenxenMatch3.0.4
OR
xenxenMatch3.1.3
OR
xenxenMatch3.1.4
OR
xenxenMatch3.2.0
OR
xenxenMatch3.2.1
OR
xenxenMatch3.2.2
OR
xenxenMatch3.2.3
OR
xenxenMatch3.3.0
OR
xenxenMatch3.3.1
OR
xenxenMatch3.3.2
OR
xenxenMatch3.4.0
OR
xenxenMatch3.4.1
OR
xenxenMatch3.4.2
OR
xenxenMatch3.4.3
OR
xenxenMatch3.4.4
OR
xenxenMatch4.0.0
OR
xenxenMatch4.0.1
OR
xenxenMatch4.0.2
OR
xenxenMatch4.0.3
OR
xenxenMatch4.0.4
OR
xenxenMatch4.1.0
OR
xenxenMatch4.1.1
OR
xenxenMatch4.1.2
OR
xenxenMatch4.1.3
OR
xenxenMatch4.1.4
OR
xenxenMatch4.1.5
OR
xenxenMatch4.1.6.1
OR
xenxenMatch4.2.0
OR
xenxenMatch4.2.1
OR
xenxenMatch4.2.2
OR
xenxenMatch4.2.3
OR
xenxenMatch4.3.0
OR
xenxenMatch4.3.1
OR
xenxenMatch4.4.0
OR
xenxenMatch4.4.0rc1
Node
debiandebian_linuxMatch7.0
Node
fedoraprojectfedoraMatch19
OR
fedoraprojectfedoraMatch20
Node
opensuseopensuseMatch12.3
OR
opensuseopensuseMatch13.1
VendorProductVersionCPE
xenxen*cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*
xenxen3.0.2cpe:2.3:o:xen:xen:3.0.2:*:*:*:*:*:*:*
xenxen3.0.3cpe:2.3:o:xen:xen:3.0.3:*:*:*:*:*:*:*
xenxen3.0.4cpe:2.3:o:xen:xen:3.0.4:*:*:*:*:*:*:*
xenxen3.1.3cpe:2.3:o:xen:xen:3.1.3:*:*:*:*:*:*:*
xenxen3.1.4cpe:2.3:o:xen:xen:3.1.4:*:*:*:*:*:*:*
xenxen3.2.0cpe:2.3:o:xen:xen:3.2.0:*:*:*:*:*:*:*
xenxen3.2.1cpe:2.3:o:xen:xen:3.2.1:*:*:*:*:*:*:*
xenxen3.2.2cpe:2.3:o:xen:xen:3.2.2:*:*:*:*:*:*:*
xenxen3.2.3cpe:2.3:o:xen:xen:3.2.3:*:*:*:*:*:*:*
Rows per page:
1-10 of 431

CVSS2

5.8

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.1

Confidence

High

EPSS

0.001

Percentile

26.7%