BID:69198

Xen CVE-2014-5146 Denial of Service Vulnerability

Info

Xen CVE-2014-5146 Denial of Service Vulnerability

Bugtraq ID:	69198
Class:	Unknown
CVE:	CVE-2014-5146
Remote:	Yes
Local:	No
Published:	Aug 12 2014 12:00AM
Updated:	Apr 13 2015 10:17PM
Credit:	Jan Beulich
Vulnerable:	Xen Xen 4.4.0 - Xen Xen 4.4 Xen Xen 4.3.1 Xen Xen 4.3.0 Xen Xen 4.3 Xen Xen 4.2.3 Xen Xen 4.2.2 Xen Xen 4.2.1 Xen Xen 4.2.0 Xen Xen 4.2 S.u.S.E. openSUSE 13.2 S.u.S.E. openSUSE 13.1

Not Vulnerable:

Discussion

Xen CVE-2014-5146 Denial of Service Vulnerability

Xen is prone to a denial-of-service vulnerability.

Attackers with access to a guest HVM operating system can exploit this issue to crash the host operating system, effectively denying service to legitimate users.

Solution / Fix

Xen CVE-2014-5146 Denial of Service Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

References

Xen CVE-2014-5146 Denial of Service Vulnerability

References:

Xen Homepage (XenSource )
Xen Security Advisory 97 (CVE-2014-5146,CVE-2014-5149) - Long latency virtual-mm (Xen)