exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 3 of 3 RSS Feed

CVE-2014-8867

Status Candidate

Overview

The acceleration support for the "REP MOVS" instruction in Xen 4.4.x, 3.2.x, and earlier lacks properly bounds checking for memory mapped I/O (MMIO) emulated in the hypervisor, which allows local HVM guests to cause a denial of service (host crash) via unspecified vectors.

Related Files

Gentoo Linux Security Advisory 201504-04
Posted Apr 13, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201504-4 - Multiple vulnerabilities have been found in Xen, the worst of which can allow remote attackers to cause a Denial of Service condition. Versions less than 4.4.2-r1 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2013-2212, CVE-2013-3495, CVE-2014-3967, CVE-2014-3968, CVE-2014-5146, CVE-2014-5149, CVE-2014-8594, CVE-2014-8595, CVE-2014-8866, CVE-2014-8867, CVE-2014-9030, CVE-2014-9065, CVE-2014-9066, CVE-2015-0361, CVE-2015-2044, CVE-2015-2045, CVE-2015-2152, CVE-2015-2751, CVE-2015-2752, CVE-2015-2756
SHA-256 | 2502e45c47e6b01b6b3a981d284f6ec59e302110b8448a83b082f2cce67992e2
Red Hat Security Advisory 2015-0783-01
Posted Apr 7, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0783-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the verbs API. A local user with access to a /dev/infiniband/uverbsX device could use this flaw to crash the system or, potentially, escalate their privileges on the system. An insufficient bound checking flaw was found in the Xen hypervisor's implementation of acceleration support for the "REP MOVS" instructions. A privileged HVM guest user could potentially use this flaw to crash the host.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2014-8159, CVE-2014-8867
SHA-256 | 1a62eb3c62b3f58d404ecacc94006c7b1a6ccb8bd2830547a948bccc4c9d83d7
Debian Security Advisory 3140-1
Posted Jan 27, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3140-1 - Multiple security issues have been discovered in the Xen virtualization solution which may result in denial of service, information disclosure or privilege escalation.

tags | advisory, denial of service, info disclosure
systems | linux, debian
advisories | CVE-2014-8594, CVE-2014-8595, CVE-2014-8866, CVE-2014-8867, CVE-2014-9030
SHA-256 | a2106c197e2e01397c5028ddbf50e4b1ec243676cc7ab6262b916a12ae043f69
Page 1 of 1
Back1Next

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    10 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    37 Files
  • 27
    Feb 27th
    34 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close