Описание
Xen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), and 4.3.x (possibly 4.3.1) does not properly prevent access to hypercalls, which allows local guest users to gain privileges via a crafted application running in ring 1 or 2.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 4.3.0-1ubuntu2 |
| lucid | DNE | |
| precise | released | 4.1.5-0ubuntu0.12.04.2 |
| quantal | released | 4.1.5-0ubuntu0.12.10.2 |
| raring | released | 4.2.2-0ubuntu0.13.04.3 |
| saucy | released | 4.3.0-1ubuntu1.2 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| lucid | ignored | end of life |
| precise | DNE | |
| quantal | DNE | |
| raring | DNE | |
| saucy | DNE | |
| upstream | ignored | end of life |
Показывать по
Ссылки на источники
EPSS
5.2 Medium
CVSS2
Связанные уязвимости
Xen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), and 4.3.x (possibly 4.3.1) does not properly prevent access to hypercalls, which allows local guest users to gain privileges via a crafted application running in ring 1 or 2.
Xen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), and 4.3.x (possibly 4.3.1) does not properly prevent access to hypercalls, which allows local guest users to gain privileges via a crafted application running in ring 1 or 2.
Xen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), an ...
Xen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), and 4.3.x (possibly 4.3.1) does not properly prevent access to hypercalls, which allows local guest users to gain privileges via a crafted application running in ring 1 or 2.
ELSA-2014-0285: kernel security, bug fix, and enhancement update (IMPORTANT)
EPSS
5.2 Medium
CVSS2