CVE-2014-7154

Опубликовано: 02 окт. 2014

Источник: nvd

CVSS2: 6.1

EPSS Низкий

Описание

Race condition in HVMOP_track_dirty_vram in Xen 4.0.0 through 4.4.x does not ensure possession of the guarding lock for dirty video RAM tracking, which allows certain local guest domains to cause a denial of service via unspecified vectors.

Ссылки

http://lists.fedoraproject.org/pipermail/package-announce/2014-October/140418.html
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2014-October/140483.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00002.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00003.html
Third Party Advisory
http://secunia.com/advisories/61501
http://secunia.com/advisories/61890
http://security.gentoo.org/glsa/glsa-201412-42.xml
http://www.debian.org/security/2014/dsa-3041
Third Party Advisory
http://www.securitytracker.com/id/1030887
Third Party Advisory
VDB Entry
http://xenbits.xen.org/xsa/advisory-104.html
Patch
Vendor Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2014-October/140418.html
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2014-October/140483.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00002.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00003.html
Third Party Advisory
http://secunia.com/advisories/61501
http://secunia.com/advisories/61890
http://security.gentoo.org/glsa/glsa-201412-42.xml
http://www.debian.org/security/2014/dsa-3041
Third Party Advisory
http://www.securitytracker.com/id/1030887
Third Party Advisory
VDB Entry
http://xenbits.xen.org/xsa/advisory-104.html
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*

Конфигурация 2

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:o:xen:xen:4.1.0:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.1.1:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.1.2:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.1.3:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.1.4:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.1.5:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.1.6.1:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.2.1:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.2.2:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.2.3:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.3.0:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.3.1:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.4.0:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.4.0:rc1:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.4.1:-:*:*:*:*:*:*

Конфигурация 4

Одно из

cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

EPSS

Процентиль: 73%

0.00775

Низкий

6.1 Medium

CVSS2

Дефекты

CWE-362

Связанные уязвимости

CVE-2014-7154

ubuntu

больше 11 лет назад

CVE-2014-7154

redhat

больше 11 лет назад

CVE-2014-7154

debian

больше 11 лет назад

Race condition in HVMOP_track_dirty_vram in Xen 4.0.0 through 4.4.x do ...

GHSA-wch3-7x83-fq5h

github

больше 3 лет назад

SUSE-SU-2015:0940-1

suse-cvrf

около 13 лет назад

Security update for Xen

EPSS

Процентиль: 73%

0.00775

Низкий

6.1 Medium

CVSS2

Дефекты

CWE-362