CVE-2014-2580

Severity

44%

Complexity

27%

Confidentiality

115%

The netback driver in Xen, when using certain Linux versions that do not allow sleeping in softirq context, allows local guest administrators to cause a denial of service ("scheduling while atomic" error and host crash) via a malformed packet, which causes a mutex to be taken when trying to disable the interface.

The netback driver in Xen, when using certain Linux versions that do not allow sleeping in softirq context, allows local guest administrators to cause a denial of service ("scheduling while atomic" error and host crash) via a malformed packet, which causes a mutex to be taken when trying to disable the interface.

CVSS 2.0 Base Score 4.4. CVSS Attack Vector: local. CVSS Attack Complexity: medium. CVSS Vector: (AV:L/AC:M/Au:S/C:N/I:N/A:C).

Overview

First reported 10 years ago

2014-04-15 23:13:00

Last updated 10 years ago

2014-04-16 13:57:00

Affected Software

Xen

References

[oss-security] 20140324 Xen Security Advisory 90 - Linux netback crash trying to disable due to malformed packet

[oss-security] 20140324 Re: Xen Security Advisory 90 - Linux netback crash trying to disable due to malformed packet

66386

1029949

http://xenbits.xen.org/xsa/advisory-90.html

Patch, Vendor Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.