CVE-2014-1642

Severity

44%

Complexity

34%

Confidentiality

106%

The IRQ setup in Xen 4.2.x and 4.3.x, when using device passthrough and configured to support a large number of CPUs, frees certain memory that may still be intended for use, which allows local guest administrators to cause a denial of service (memory corruption and hypervisor crash) and possibly execute arbitrary code via vectors related to an out-of-memory error that triggers a (1) use-after-free or (2) double free.

The IRQ setup in Xen 4.2.x and 4.3.x, when using device passthrough and configured to support a large number of CPUs, frees certain memory that may still be intended for use, which allows local guest administrators to cause a denial of service (memory corruption and hypervisor crash) and possibly execute arbitrary code via vectors related to an out-of-memory error that triggers a (1) use-after-free or (2) double free.

CVSS 2.0 Base Score 4.4. CVSS Attack Vector: local. CVSS Attack Complexity: medium. CVSS Vector: (AV:L/AC:M/Au:N/C:P/I:P/A:P).

Overview

Type

Xen

First reported 11 years ago

2014-01-26 16:58:00

Last updated 7 years ago

2018-01-03 02:29:00

Affected Software

Xen 4.2.0

4.2.0

Xen 4.2.1

4.2.1

Xen 4.2.2

4.2.2

Xen 4.2.3

4.2.3

Xen Xen 4.3.0

4.3.0

Xen 4.3.1

4.3.1

References

FEDORA-2014-1559

FEDORA-2014-1552

SUSE-SU-2014:0373

102406

56557

Vendor Advisory

GLSA-201407-03

[oss-security] 20140123 Xen Security Advisory 83 (CVE-2014-1642) - Out-of-memory condition yielding memory corruption during IRQ setup

65097

1029679

http://xenbits.xen.org/xsa/advisory-83.html

Vendor Advisory

xen-irq-cve20141642-code-exec(90649)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.