CVE-2014-1642 in Xeninformation

Résumé

par MITRE

The IRQ setup in Xen 4.2.x and 4.3.x, when using device passthrough and configured to support a large number of CPUs, frees certain memory that may still be intended for use, which allows local guest administrators to cause a denial of service (memory corruption and hypervisor crash) and possibly execute arbitrary code via vectors related to an out-of-memory error that triggers a (1) use-after-free or (2) double free.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Sources

Want to stay up to date on a daily basis?

Enable the mail alert feature now!