1.9

CVE-2014-8595

arch/x86/x86_emulate/x86_emulate.c in Xen 3.2.1 through 4.4.x does not properly check privileges, which allows local HVM guest users to gain privileges or cause a denial of service (crash) via a crafted (1) CALL, (2) JMP, (3) RETF, (4) LCALL, (5) LJMP, or (6) LRET far branch instruction.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
DebianDebian Linux Version7.0
XenXen Version3.2.1
XenXen Version3.2.2
XenXen Version3.2.3
XenXen Version3.3.0
XenXen Version3.3.1
XenXen Version3.3.2
XenXen Version3.4.0
XenXen Version3.4.1
XenXen Version3.4.2
XenXen Version3.4.3
XenXen Version3.4.4
XenXen Version4.0.0
XenXen Version4.0.1
XenXen Version4.0.2
XenXen Version4.0.3
XenXen Version4.0.4
XenXen Version4.1.0
XenXen Version4.1.1
XenXen Version4.1.2
XenXen Version4.1.3
XenXen Version4.1.4
XenXen Version4.1.5
XenXen Version4.1.6.1
XenXen Version4.2.0
XenXen Version4.2.1
XenXen Version4.2.2
XenXen Version4.2.3
XenXen Version4.3.0
XenXen Version4.3.1
XenXen Version4.4.0
OpensuseOpensuse Version13.1
OpensuseOpensuse Version13.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.41% 0.328
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 1.9 3.4 2.9
AV:L/AC:M/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://security.gentoo.org/glsa/201504-04
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00005.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00010.html
Third Party Advisory
http://support.citrix.com/article/CTX200288
http://support.citrix.com/article/CTX201794
http://secunia.com/advisories/62672
http://www.debian.org/security/2015/dsa-3140
Third Party Advisory
http://secunia.com/advisories/62537
http://www.securityfocus.com/bid/71151
http://xenbits.xen.org/xsa/advisory-110.html
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/98768