Lucene search

PRIOn knowledge basePRION:CVE-2014-8595

HistoryNov 19, 2014 - 6:59 p.m.

Information disclosure

2014-11-1918:59:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.9%

JSON

arch/x86/x86_emulate/x86_emulate.c in Xen 3.2.1 through 4.4.x does not properly check privileges, which allows local HVM guest users to gain privileges or cause a denial of service (crash) via a crafted (1) CALL, (2) JMP, (3) RETF, (4) LCALL, (5) LJMP, or (6) LRET far branch instruction.

CPENameOperatorVersion
debian_linuxeq7.0
opensuseeq13.1
opensuseeq13.2
xeneq4.1.5
xeneq3.2.1
xeneq4.2.2
xeneq4.2.3
xeneq3.4.0
xeneq4.3.0
xeneq4.0.4

Name	Operator	Version
debian_linux	eq	7.0
opensuse	eq	13.1
opensuse	eq	13.2
xen	eq	4.1.5
xen	eq	3.2.1
xen	eq	4.2.2
xen	eq	4.2.3
xen	eq	3.4.0
xen	eq	4.3.0
xen	eq	4.0.4

Rows per page:

1-10 of 331

References

lists.opensuse.org/opensuse-security-announce/2015-02/msg00005.html

lists.opensuse.org/opensuse-security-announce/2015-02/msg00010.html

secunia.com/advisories/62537

secunia.com/advisories/62672

support.citrix.com/article/CTX200288

support.citrix.com/article/CTX201794

www.debian.org/security/2015/dsa-3140

www.securityfocus.com/bid/71151

xenbits.xen.org/xsa/advisory-110.html

exchange.xforce.ibmcloud.com/vulnerabilities/98768

security.gentoo.org/glsa/201504-04