Lucene search

PRIOn knowledge basePRION:CVE-2014-1891

HistoryApr 01, 2014 - 6:35 a.m.

Integer overflow

2014-04-0106:35:00

PRIOn knowledge base

www.prio-n.com

6.3 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Multiple integer overflows in the (1) FLASK_GETBOOL, (2) FLASK_SETBOOL, (3) FLASK_USER, and (4) FLASK_CONTEXT_TO_SID suboperations in the flask hypercall in Xen 4.3.x, 4.2.x, 4.1.x, 3.2.x, and earlier, when XSM is enabled, allow local users to cause a denial of service (processor fault) via unspecified vectors, a different vulnerability than CVE-2014-1892, CVE-2014-1893, and CVE-2014-1894.

CPENameOperatorVersion
xeneq3.2.0
xeneq4.1.5
xeneq3.2.1
xeneq4.2.2
xeneq4.2.3
xeneq3.4.0
xeneq3.3.2
xeneq4.1.2
xeneq3.2.2
xeneq3.4.4

Name	Operator	Version
xen	eq	3.2.0
xen	eq	4.1.5
xen	eq	3.2.1
xen	eq	4.2.2
xen	eq	4.2.3
xen	eq	3.4.0
xen	eq	3.3.2
xen	eq	4.1.2
xen	eq	3.2.2
xen	eq	3.4.4

Rows per page:

1-10 of 251

References

lists.opensuse.org/opensuse-security-announce/2014-03/msg00010.html

lists.opensuse.org/opensuse-security-announce/2014-03/msg00011.html

lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html

security.gentoo.org/glsa/glsa-201407-03.xml

www.openwall.com/lists/oss-security/2014/02/07/12

www.openwall.com/lists/oss-security/2014/02/07/4

www.openwall.com/lists/oss-security/2014/02/10/8

xenbits.xen.org/xsa/advisory-84.html