CVE-2014-1894
Published Apr 1, 2014
Last updated 8 years ago
Overview
- Description
- Multiple integer overflows in unspecified suboperations in the flask hypercall in Xen 3.2.x and earlier, when XSM is enabled, allow local users to cause a denial of service (processor fault) via unspecified vectors, a different vulnerability than CVE-2014-1891, CVE-2014-1892, and CVE-2014-1893.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5.2
- Impact score
- 6.9
- Exploitability score
- 4.4
- Vector string
- AV:A/AC:M/Au:S/C:N/I:N/A:C
Weaknesses
- nvd@nist.gov
- CWE-189
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A81C5905-DA58-4944-B4DD-3BF0ED8DE1DD",
"versionEndIncluding": "3.2.3"
},
{
"criteria": "cpe:2.3:o:xen:xen:3.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E5D62197-4FF7-4B73-8DC6-6E9344AF7CAC"
},
{
"criteria": "cpe:2.3:o:xen:xen:3.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "44CAE6A7-9817-472C-B1C6-3FF196304D08"
},
{
"criteria": "cpe:2.3:o:xen:xen:3.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E96BB7DE-0A6A-4418-A879-159F5FF88615"
},
{
"criteria": "cpe:2.3:o:xen:xen:3.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7568820A-ED66-47DF-A9B0-27A474D6C2C6"
},
{
"criteria": "cpe:2.3:o:xen:xen:3.1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D8C046D-BE62-43BA-9F50-B4D383475EA8"
},
{
"criteria": "cpe:2.3:o:xen:xen:3.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B81B6EEB-D01E-432D-AEBF-707409741C0A"
},
{
"criteria": "cpe:2.3:o:xen:xen:3.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2A4B60DE-A8C0-459E-A99C-6EF0D3264B75"
},
{
"criteria": "cpe:2.3:o:xen:xen:3.2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A83F4F7E-53CF-4066-857B-2154D25979D8"
}
],
"operator": "OR"
}
]
}
]