Candidate: CVE-2014-8594
PublicDate: 2014-11-19 18:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8594
 http://xenbits.xen.org/xsa/advisory-109.html
Description:
 The do_mmu_update function in arch/x86/mm.c in Xen 4.x through 4.4.x does
 not properly restrict updates to only PV page tables, which allows remote
 PV guests to cause a denial of service (NULL pointer dereference) by
 leveraging hardware emulation services for HVM guests using Hardware
 Assisted Paging (HAP).
Ubuntu-Description:
Notes:
 mdeslaur> 4.0+
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770230
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_xen-3.3:
Tags_xen-3.3: universe-binary
upstream_xen-3.3: ignored (reached end-of-life)
lucid_xen-3.3: not-affected
precise_xen-3.3: DNE
trusty_xen-3.3: DNE
trusty/esm_xen-3.3: DNE
utopic_xen-3.3: DNE
devel_xen-3.3: DNE

Patches_xen:
Tags_xen: universe-binary
upstream_xen: needed
lucid_xen: DNE
precise_xen: released (4.1.6.1-0ubuntu0.12.04.4)
trusty_xen: released (4.4.1-0ubuntu0.14.04.2)
trusty/esm_xen: DNE (trusty was released [4.4.1-0ubuntu0.14.04.2])
utopic_xen: released (4.4.1-0ubuntu0.14.10.2)
devel_xen: released (4.4.1-3ubuntu2)