Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2014-1891

Опубликовано: 06 фев. 2014
Источник: redhat
CVSS2: 4.3
EPSS Низкий

Описание

Multiple integer overflows in the (1) FLASK_GETBOOL, (2) FLASK_SETBOOL, (3) FLASK_USER, and (4) FLASK_CONTEXT_TO_SID suboperations in the flask hypercall in Xen 4.3.x, 4.2.x, 4.1.x, 3.2.x, and earlier, when XSM is enabled, allow local users to cause a denial of service (processor fault) via unspecified vectors, a different vulnerability than CVE-2014-1892, CVE-2014-1893, and CVE-2014-1894.

Отчет

Not vulnerable. This issue did not affect the versions of the kernel-xen package as shipped with Red Hat Enterprise Linux 5. This issue did not affect Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2 as we did not have support for Xen hypervisor.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernel-xenNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-190
https://bugzilla.redhat.com/show_bug.cgi?id=1062326xen: integer overflow in several XSM/Flask hypercalls (xsa-84)

EPSS

Процентиль: 50%
0.00271
Низкий

4.3 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2014-1891

ubuntu
почти 12 лет назад

Multiple integer overflows in the (1) FLASK_GETBOOL, (2) FLASK_SETBOOL, (3) FLASK_USER, and (4) FLASK_CONTEXT_TO_SID suboperations in the flask hypercall in Xen 4.3.x, 4.2.x, 4.1.x, 3.2.x, and earlier, when XSM is enabled, allow local users to cause a denial of service (processor fault) via unspecified vectors, a different vulnerability than CVE-2014-1892, CVE-2014-1893, and CVE-2014-1894.

nvd логотип

CVE-2014-1891

nvd
почти 12 лет назад

Multiple integer overflows in the (1) FLASK_GETBOOL, (2) FLASK_SETBOOL, (3) FLASK_USER, and (4) FLASK_CONTEXT_TO_SID suboperations in the flask hypercall in Xen 4.3.x, 4.2.x, 4.1.x, 3.2.x, and earlier, when XSM is enabled, allow local users to cause a denial of service (processor fault) via unspecified vectors, a different vulnerability than CVE-2014-1892, CVE-2014-1893, and CVE-2014-1894.

debian логотип

CVE-2014-1891

debian
почти 12 лет назад

Multiple integer overflows in the (1) FLASK_GETBOOL, (2) FLASK_SETBOOL ...

github логотип

GHSA-4jpf-c3p7-8jx7

github
больше 3 лет назад

Multiple integer overflows in the (1) FLASK_GETBOOL, (2) FLASK_SETBOOL, (3) FLASK_USER, and (4) FLASK_CONTEXT_TO_SID suboperations in the flask hypercall in Xen 4.3.x, 4.2.x, 4.1.x, 3.2.x, and earlier, when XSM is enabled, allow local users to cause a denial of service (processor fault) via unspecified vectors, a different vulnerability than CVE-2014-1892, CVE-2014-1893, and CVE-2014-1894.

EPSS

Процентиль: 50%
0.00271
Низкий

4.3 Medium

CVSS2