CVE-2014-2599

Loading...

General

Score:4.9/10.0
Severity:Low
Category:Input Validation Error

Impact Metrics

Confidentiality:None
Integrity:None
Availability:Complete

Exploitability Metrics

Access Vector:Local
Access Complexity:Low
Authentication:None

Relative vulnerabilities

CVE-2013-1432, CVE-2013-1442, CVE-2013-2076, CVE-2013-2077, CVE-2013-2078, CVE-2013-2194, CVE-2013-2195, CVE-2013-2196, CVE-2013-2211, CVE-2013-3495, CVE-2013-4329, CVE-2013-4344, CVE-2013-4355, CVE-2013-4361, CVE-2013-4368, CVE-2013-4494, CVE-2013-4540, CVE-2013-4553, CVE-2014-1950, CVE-2014-3124, CVE-2014-3967, CVE-2014-3968, CVE-2014-4021, CVE-2014-7154, CVE-2014-7155, CVE-2014-7156, CVE-2014-7188, CVE-2014-8594, CVE-2014-8595, CVE-2014-8866, CVE-2014-8867, CVE-2014-9030

Published on 28/03/14 - Updated on 07/01/17

Description

The HVMOP_set_mem_access HVM control operations in Xen 4.1.x for 32-bit and 4.1.x through 4.4.x for 64-bit allow local guest administrators to cause a denial of service (CPU consumption) by leveraging access to certain service domains for HVM guests and a large input.

Category: Input Validation Error

CWE-20 (Input Validation)
The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.

Security Notices

US National Vulnerability DatabaseCVE-2014-2599
Debian DSA-3006-1
SUSE SUSE-SU-2014:1318, SUSE-SU-2014:1710

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
xenxen

Share this vulnerability with:

Twitter Facebook LinkedIn Mail