CVE-2014-3967

Publication date 5 June 2014

Last updated 24 July 2024


Ubuntu priority

The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x does not properly check the return value from the IRQ setup check, which allows local HVM guest administrators to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors.

Status

Package Ubuntu Release Status
xen 14.04 LTS trusty
Fixed 4.4.0-0ubuntu5.1
13.10 saucy
Fixed 4.3.0-1ubuntu1.4
12.04 LTS precise
Not affected
10.04 LTS lucid Not in release
xen-3.3 14.04 LTS trusty Not in release
13.10 saucy Not in release
12.04 LTS precise Not in release
10.04 LTS lucid
Not affected