Candidate: CVE-2014-3717
PublicDate: 2014-05-19 14:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3717
 http://xenbits.xen.org/xsa/advisory-95.html
 http://www.openwall.com/lists/oss-security/2014/05/16/1
 http://www.openwall.com/lists/oss-security/2014/05/15/6
 http://www.openwall.com/lists/oss-security/2014/05/14/4
Description:
 Xen 4.4.x does not properly validate the load address for 64-bit ARM guest
 kernels, which allows local users to read system memory or cause a denial
 of service (crash) via a crafted kernel, which triggers a buffer overflow.
Ubuntu-Description:
Notes:
 mdeslaur> 32- and 64-bit ARM systems only, 4.4.x only
Bugs:
Priority: medium
Discovered-by: Thomas Leonard
Assigned-to:
CVSS: 

Patches_xen-3.3:
Tags_xen-3.3: universe-binary
upstream_xen-3.3: ignored (reached end-of-life)
lucid_xen-3.3: not-affected
precise_xen-3.3: DNE
quantal_xen-3.3: DNE
saucy_xen-3.3: DNE
trusty_xen-3.3: DNE
trusty/esm_xen-3.3: DNE
devel_xen-3.3: DNE

Patches_xen:
Tags_xen: universe-binary
upstream_xen: needs-triage
lucid_xen: DNE
precise_xen: not-affected
quantal_xen: not-affected
saucy_xen: not-affected
trusty_xen: released (4.4.0-0ubuntu5.1)
trusty/esm_xen: DNE (trusty was released [4.4.0-0ubuntu5.1])
devel_xen: released (4.4.0-0ubuntu6)