4.7 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:N/I:N/A:C
0.001 Low
EPSS
Percentile
25.9%
Certain MMU virtualization operations in Xen 4.2.x through 4.4.x before the
xsa97-hap patch, when using Hardware Assisted Paging (HAP), are not
preemptible, which allows local HVM guest to cause a denial of service
(vcpu consumption) by invoking these operations, which process every page
assigned to a guest, a different vulnerability than CVE-2014-5149.
Author | Note |
---|---|
mdeslaur | Original patch got reverted in git because of regressions. Be careful when fixing. |