1
Candidate: CVE-2014-2915
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2915
5
http://www.openwall.com/lists/oss-security/2014/04/23/2
6
http://lists.xen.org/archives/html/xen-announce/2014-04/msg00003.html
7
http://xenbits.xenproject.org/xsa/advisory-93.html
9
Xen 4.4.x, when running on ARM systems, does not properly restrict access
10
to hardware features, which allows local guest users to cause a denial of
11
service (host or guest crash) via unspecified vectors, related to (1) cache
12
control, (2) coprocessors, (3) debug registers, and (4) other unspecified
16
sarnold> Only affects ARM 32 bit, ARM 64 bit, 4.4 and newer.
17
sarnold> Only "medium" because advisory indicates privilege escalation
18
is not thought possible
21
Discovered-by: Thomas Leonard and Julien Grall
25
Tags_xen-3.3: universe-binary
26
upstream_xen-3.3: ignored (reached end-of-life)
27
lucid_xen-3.3: not-affected
35
upstream: http://lists.xen.org/archives/html/xen-announce/2014-04/binaZ6cF2rFFv.bin (p1)
36
upstream: http://lists.xen.org/archives/html/xen-announce/2014-04/bin_ugBJvAPZP.bin (p2)
37
upstream: http://lists.xen.org/archives/html/xen-announce/2014-04/bini3rTlVIueR.bin (p3)
38
upstream: http://lists.xen.org/archives/html/xen-announce/2014-04/binaqo2yyFNjK.bin (p4)
39
upstream: http://lists.xen.org/archives/html/xen-announce/2014-04/binr2uF18q90z.bin (p5)
40
upstream: http://lists.xen.org/archives/html/xen-announce/2014-04/biniG0pmvXkat.bin (p6)
41
Tags_xen: universe-binary
44
precise_xen: not-affected
45
quantal_xen: not-affected
46
saucy_xen: not-affected
47
trusty_xen: released (4.4.0-0ubuntu5.1)
48
devel_xen: released (4.4.0-0ubuntu6)