Multiple integer overflows in the (1) FLASK_GETBOOL, (2) FLASK_SETBOOL, (3) FLASK_USER, and (4) FLASK_CONTEXT_TO_SID suboperations in the flask hypercall in Xen 4.3.x, 4.2.x, 4.1.x, 3.2.x, and previous versions, when XSM is enabled, allow local users to cause a denial of service (processor fault) via unspecified vectors, a different vulnerability than CVE-2014-1892, CVE-2014-1893, and CVE-2014-1894.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xen xen 3.2.0 |
||
xen xen 3.2.1 |
||
xen xen 3.4.1 |
||
xen xen 3.4.2 |
||
xen xen 4.1.4 |
||
xen xen 4.1.5 |
||
xen xen 3.2.2 |
||
xen xen 3.2.3 |
||
xen xen 3.4.3 |
||
xen xen 3.4.4 |
||
xen xen 4.1.6.1 |
||
xen xen 4.2.0 |
||
xen xen 4.2.1 |
||
xen xen 3.3.2 |
||
xen xen 3.4.0 |
||
xen xen 4.1.2 |
||
xen xen 4.1.3 |
||
xen xen 4.3.1 |
||
xen xen |
||
xen xen 3.3.0 |
||
xen xen 3.3.1 |
||
xen xen 4.1.0 |
||
xen xen 4.1.1 |
||
xen xen 4.2.2 |
||
xen xen 4.2.3 |