| ID |
CVE-2014-1895
|
| Summary |
Off-by-one error in the flask_security_avc_cachestats function in xsm/flask/flask_op.c in Xen 4.2.x and 4.3.x, when the maximum number of physical CPUs are in use, allows local users to cause a denial of service (host crash) or obtain sensitive information from hypervisor memory by leveraging a FLASK_AVC_CACHESTAT hypercall, which triggers a buffer over-read. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*
cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*
-
cpe:2.3:o:xen:xen:4.2.1:*:*:*:*:*:*:*
cpe:2.3:o:xen:xen:4.2.1:*:*:*:*:*:*:*
-
cpe:2.3:o:xen:xen:4.2.2:*:*:*:*:*:*:*
cpe:2.3:o:xen:xen:4.2.2:*:*:*:*:*:*:*
-
cpe:2.3:o:xen:xen:4.2.3:*:*:*:*:*:*:*
cpe:2.3:o:xen:xen:4.2.3:*:*:*:*:*:*:*
-
cpe:2.3:o:xen:xen:4.3.0:*:*:*:*:*:*:*
cpe:2.3:o:xen:xen:4.3.0:*:*:*:*:*:*:*
-
cpe:2.3:o:xen:xen:4.3.1:*:*:*:*:*:*:*
cpe:2.3:o:xen:xen:4.3.1:*:*:*:*:*:*:*
|
| CVSS |
| Base: | 5.8 (as of 07-01-2017 - 02:59) |
| Impact: | |
| Exploitability: | |
|
| CWE |
CWE-189 |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| ADJACENT_NETWORK |
MEDIUM |
SINGLE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| PARTIAL |
NONE |
COMPLETE |
|
| cvss-vector
via4
|
AV:A/AC:M/Au:S/C:P/I:N/A:C
|
| refmap
via4
|
| confirm | http://xenbits.xen.org/xsa/advisory-85.html | | gentoo | GLSA-201407-03 | | mlist | - [oss-security] 20140207 Re: Xen Security Advisory 84 - integer overflow in several XSM/Flask hypercalls
- [oss-security] 20140210 Xen Security Advisory 85 (CVE-2014-1895) - Off-by-one error in FLASK_AVC_CACHESTAT hypercall
| | suse | SUSE-SU-2014:0373 |
|
| Last major update |
07-01-2017 - 02:59 |
| Published |
01-04-2014 - 06:35 |
| Last modified |
07-01-2017 - 02:59 |
