CVE-2014-8867

Published: 01 December 2014

The acceleration support for the "REP MOVS" instruction in Xen 4.4.x, 3.2.x, and earlier lacks properly bounds checking for memory mapped I/O (MMIO) emulated in the hypervisor, which allows local HVM guests to cause a denial of service (host crash) via unspecified vectors.

Priority

Status

Package	Release	Status
xen Launchpad, Ubuntu, Debian	Upstream	Needed





	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist (trusty was released [4.4.1-0ubuntu0.14.04.2])
	Patches: Upstream: https://marc.info/?l=oss-security&m=141709017105148&q=p3 (4.2) Upstream: https://marc.info/?l=oss-security&m=141709017105148&q=p4 (4.3+)
	Binaries built from this source package are in Universe and so are supported by the community.
xen-3.3 Launchpad, Ubuntu, Debian	Upstream	Ignored (reached end-of-life)





	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
	Binaries built from this source package are in Universe and so are supported by the community.

References

Bugs

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770230

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu 14.04 Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM