Vulnerabilities

CVE-2014-1896

by Fred · 31/03/2014

The (1) do_send and (2) do_recv functions in io.c in libvchan in Xen 4.2.x, 4.3.x, and 4.4-RC series allows local guests to cause a denial of service or possibly gain privileges via crafted xenstore ring indexes, which triggers a "read or write past the end of the ring."

Date published : 2014-03-31

http://xenbits.xen.org/xsa/advisory-86.html

http://xenbits.xen.org/xsa/xsa86.patch

Related

Tags: Cybersecurity Alert