CVE-2014-8867

Published: 01 December 2014

The acceleration support for the "REP MOVS" instruction in Xen 4.4.x, 3.2.x, and earlier lacks properly bounds checking for memory mapped I/O (MMIO) emulated in the hypervisor, which allows local HVM guests to cause a denial of service (host crash) via unspecified vectors.

Priority

Medium

Status

Package Release Status
xen
Launchpad, Ubuntu, Debian
Upstream Needed

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [4.4.1-0ubuntu0.14.04.2])
Patches:
Upstream: https://marc.info/?l=oss-security&m=141709017105148&q=p3 (4.2)
Upstream: https://marc.info/?l=oss-security&m=141709017105148&q=p4 (4.3+)
Binaries built from this source package are in Universe and so are supported by the community.
xen-3.3
Launchpad, Ubuntu, Debian
Upstream Ignored
(reached end-of-life)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Binaries built from this source package are in Universe and so are supported by the community.