Vulnerability CVE-2014-5147: Information

Description

Xen 4.4.x, when running a 64-bit kernel on an ARM system, does not properly handle traps from the guest domain that use a different address width, which allows local guest users to cause a denial of service (host crash) via a crafted 32-bit process.

Severity: MEDIUM (4.3)

URL: https://nvd.nist.gov/vuln/detail/CVE-2014-5147

Published: Aug. 29, 2014

Modified: Oct. 30, 2018

Error type identifier: CWE-264

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
xen	p10	4.4.1-alt1	4.14.1-alt2	ALT-PU-2014-2061-1	128919	Fixed
xen	p9	4.4.1-alt1	4.10.3-alt1	ALT-PU-2014-2061-1	128919	Fixed
xen	c10f1	4.4.1-alt1	4.14.1-alt2	ALT-PU-2014-2061-1	128919	Fixed
xen	c9f2	4.4.1-alt1	4.10.3-alt1	ALT-PU-2014-2061-1	128919	Fixed

References to Advisories, Solutions, and Tools

Hyperlink	Resource
http://xenbits.xen.org/xsa/advisory-102.html	Patch Vendor Advisory
1030724

Affected configurations:
1. Configuration 1
  cpe:2.3:o:xen:xen:4.4.0:rc1:*:*:*:*:*:*
  cpe:2.3:o:xen:xen:4.4.0:*:*:*:*:*:*:*

Version: v24.5.1

Vulnerability CVE-2014-5147: Information

Description

Fixed packages

References to Advisories, Solutions, and Tools

Configuration 1