CVE-2014-9030

Published: 24 November 2014

The do_mmu_update function in arch/x86/mm.c in Xen 3.2.x through 4.4.x does not properly manage page references, which allows remote domains to cause a denial of service by leveraging control over an HVM guest and a crafted MMU_MACHPHYS_UPDATE.

Priority

Status

Package	Release	Status
xen Launchpad, Ubuntu, Debian	Upstream	Needs triage





	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist (trusty was released [4.4.1-0ubuntu0.14.04.2])
	Binaries built from this source package are in Universe and so are supported by the community.
xen-3.3 Launchpad, Ubuntu, Debian	Upstream	Ignored (reached end-of-life)





	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
	Binaries built from this source package are in Universe and so are supported by the community.

References

Bugs

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770230

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu 14.04 Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM