Описание
The ARM image loading functionality in Xen 4.4.x does not properly validate kernel length, which allows local users to read system memory or cause a denial of service (crash) via a crafted 32-bit ARM guest kernel in an image, which triggers a buffer overflow.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 4.4.0-0ubuntu6 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [4.4.0-0ubuntu5.1]] |
| lucid | DNE | |
| precise | not-affected | |
| quantal | not-affected | |
| saucy | not-affected | |
| trusty | released | 4.4.0-0ubuntu5.1 |
| trusty/esm | DNE | trusty was released [4.4.0-0ubuntu5.1] |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| lucid | not-affected | |
| precise | DNE | |
| quantal | DNE | |
| saucy | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | ignored | end of life |
Показывать по
EPSS
3.3 Low
CVSS2
Связанные уязвимости
The ARM image loading functionality in Xen 4.4.x does not properly validate kernel length, which allows local users to read system memory or cause a denial of service (crash) via a crafted 32-bit ARM guest kernel in an image, which triggers a buffer overflow.
The ARM image loading functionality in Xen 4.4.x does not properly val ...
The ARM image loading functionality in Xen 4.4.x does not properly validate kernel length, which allows local users to read system memory or cause a denial of service (crash) via a crafted 32-bit ARM guest kernel in an image, which triggers a buffer overflow.
EPSS
3.3 Low
CVSS2