Candidate: CVE-2014-1893
PublicDate: 2014-04-01 06:35:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1893
 http://lists.xen.org/archives/html/xen-announce/2014-02/msg00005.html
Description:
 Multiple integer overflows in the (1) FLASK_GETBOOL and (2) FLASK_SETBOOL
 suboperations in the flask hypercall in Xen 4.1.x, 3.3.x, 3.2.x, and
 earlier, when XSM is enabled, allow local users to cause a denial of
 service (processor fault) via unspecified vectors, a different
 vulnerability than CVE-2014-1891, CVE-2014-1892, and CVE-2014-1894.
Ubuntu-Description: 
Notes: 
 mdeslaur> This is XSA-84
 mdeslaur> 3.3-4.1 only
Bugs: 
Priority: medium
Discovered-by: Matthew Daley
Assigned-to: 
CVSS: 

Patches_xen-3.3:
Tags_xen-3.3: universe-binary
upstream_xen-3.3: ignored (reached end-of-life)
lucid_xen-3.3: ignored (reached end-of-life)
precise_xen-3.3: DNE
quantal_xen-3.3: DNE
saucy_xen-3.3: DNE
devel_xen-3.3: DNE

Patches_xen:
Tags_xen: universe-binary
upstream_xen: needs-triage
lucid_xen: DNE
precise_xen: released (4.1.5-0ubuntu0.12.04.3)
quantal_xen: released (4.1.5-0ubuntu0.12.10.3)
saucy_xen: not-affected
devel_xen: not-affected