CVE-2014-9066

Severity

47%

Complexity

34%

Confidentiality

115%

Xen 4.4.x and earlier, when using a large number of VCPUs, does not properly handle read and write locks, which allows local x86 guest users to cause a denial of service (write denial or NMI watchdog timeout and host crash) via a large number of read requests, a different vulnerability than CVE-2014-9065.

Xen 4.4.x and earlier, when using a large number of VCPUs, does not properly handle read and write locks, which allows local x86 guest users to cause a denial of service (write denial or NMI watchdog timeout and host crash) via a large number of read requests, a different vulnerability than CVE-2014-9065.

CVSS 2.0 Base Score 4.7. CVSS Attack Vector: local. CVSS Attack Complexity: medium. CVSS Vector: (AV:L/AC:M/Au:N/C:N/I:N/A:C).

Overview

First reported 10 years ago

2014-12-09 23:59:00

Last updated 6 years ago

2018-10-30 16:27:00

Affected Software

Xen

OpenSUSE 13.1

13.1

OpenSUSE 13.2

13.2

References

openSUSE-SU-2015:0226

openSUSE-SU-2015:0256

[oss-security] 20141208 Xen Security Advisory 114 (CVE-2014-9065,CVE-2014-9066) - p2m lock starvation

71546

http://xenbits.xen.org/xsa/advisory-114.html

Patch, Vendor Advisory

GLSA-201504-04

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.