Ubuntu.comUB:CVE-2014-2580CVE-2014-2580
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:M/Au:S/C:N/I:N/A:C
0.001 Low
EPSS
Percentile
25.6%
The netback driver in Xen, when using certain Linux versions that do not
allow sleeping in softirq context, allows local guest administrators to
cause a denial of service (βscheduling while atomicβ error and host crash)
via a malformed packet, which causes a mutex to be taken when trying to
disable the interface.
Bugs
References
www.openwall.com/lists/oss-security/2014/03/25
xenbits.xenproject.org/xsa/advisory-90.html
launchpad.net/bugs/cve/CVE-2014-2580
nvd.nist.gov/vuln/detail/CVE-2014-2580
security-tracker.debian.org/tracker/CVE-2014-2580
ubuntu.com/security/notices/USN-2226-1
ubuntu.com/security/notices/USN-2260-1
www.cve.org/CVERecord?id=CVE-2014-2580
Related
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:M/Au:S/C:N/I:N/A:C
0.001 Low
EPSS
Percentile
25.6%