Vulnerabilities > CVE-2014-8595 - Code vulnerability in multiple products

047910
CVSS 1.9 - LOW
Attack vector
LOCAL
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL

Summary

arch/x86/x86_emulate/x86_emulate.c in Xen 3.2.1 through 4.4.x does not properly check privileges, which allows local HVM guest users to gain privileges or cause a denial of service (crash) via a crafted (1) CALL, (2) JMP, (3) RETF, (4) LCALL, (5) LJMP, or (6) LRET far branch instruction.

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-15521.NASL
    descriptionGuest effectable page reference leak in MMU_MACHPHYS_UPDATE handling Insufficient restrictions on certain MMU update hypercalls, Missing privilege level checks in x86 emulation of far branches, Add fix for CVE-2014-0150 to qemu-dm, though it probably isn
    last seen2020-03-17
    modified2014-12-02
    plugin id79652
    published2014-12-02
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/79652
    titleFedora 20 : xen-4.3.3-5.fc20 (2014-15521)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201504-04.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201504-04 (Xen: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details. Impact : A local attacker could possibly cause a Denial of Service condition or obtain sensitive information. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id82734
    published2015-04-13
    reporterThis script is Copyright (C) 2015 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/82734
    titleGLSA-201504-04 : Xen: Multiple vulnerabilities
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2014-1691-1.NASL
    descriptionXen has been updated to fix six security issues : - Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling (CVE-2014-9030). - Insufficient bounding of
    last seen2020-06-05
    modified2015-05-20
    plugin id83651
    published2015-05-20
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/83651
    titleSUSE SLES10 Security Update : Xen (SUSE-SU-2014:1691-1)
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2015-0004.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2015-0004 for details.
    last seen2020-06-01
    modified2020-06-02
    plugin id80928
    published2015-01-23
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/80928
    titleOracleVM 3.3 : xen (OVMSA-2015-0004)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-15503.NASL
    descriptionGuest effectable page reference leak in MMU_MACHPHYS_UPDATE handling Insufficient restrictions on certain MMU update hypercalls, Missing privilege level checks in x86 emulation of far branches, Add fix for CVE-2014-0150 to qemu-dm, though it probably isn
    last seen2020-03-17
    modified2014-12-02
    plugin id79651
    published2014-12-02
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/79651
    titleFedora 19 : xen-4.2.5-5.fc19 (2014-15503)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2014-1710-1.NASL
    descriptionxen was updated to fix 14 security issues : - Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling (CVE-2014-9030). - Insufficient bounding of
    last seen2020-06-05
    modified2015-05-20
    plugin id83654
    published2015-05-20
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/83654
    titleSUSE SLES11 Security Update : xen (SUSE-SU-2014:1710-1)
  • NASL familyMisc.
    NASL idCITRIX_XENSERVER_CTX200288.NASL
    descriptionThe remote host is running a version of Citrix XenServer that is affected by multiple vulnerabilities : - A local privilege escalation vulnerability exists due to improperly restricted access to
    last seen2020-06-01
    modified2020-06-02
    plugin id79745
    published2014-12-05
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79745
    titleCitrix XenServer Multiple Vulnerabilities (CTX200288)
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2018-0248.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2018-0248 for details.
    last seen2020-06-01
    modified2020-06-02
    plugin id111992
    published2018-08-20
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/111992
    titleOracleVM 3.4 : xen (OVMSA-2018-0248) (Bunker Buster) (Foreshadow) (Meltdown) (POODLE) (Spectre)
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2015-0096.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2015-0096 for details.
    last seen2020-06-01
    modified2020-06-02
    plugin id85038
    published2015-07-28
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/85038
    titleOracleVM 3.2 : xen (OVMSA-2015-0096)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_XEN-11SP3-2014-11-26-141127.NASL
    descriptionXen has been updated to version 4.2.5 with additional patches to fix six security issues : - Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling. (CVE-2014-9030) - Insufficient bounding of
    last seen2020-06-05
    modified2014-12-26
    plugin id80254
    published2014-12-26
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/80254
    titleSuSE 11.3 Security Update : Xen (SAT Patch Number 10018)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2015-129.NASL
    descriptionThe XEN virtualization was updated to fix bugs and security issues : Security issues fixed: CVE-2015-0361: XSA-116: xen: xen crash due to use after free on hvm guest teardown CVE-2014-9065, CVE-2014-9066: XSA-114: xen: p2m lock starvation CVE-2014-9030: XSA-113: Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling CVE-2014-8867: XSA-112: xen: Insufficient bounding of
    last seen2020-06-05
    modified2015-02-12
    plugin id81305
    published2015-02-12
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/81305
    titleopenSUSE Security Update : xen (openSUSE-2015-129)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-3140.NASL
    descriptionMultiple security issues have been discovered in the Xen virtualisation solution which may result in denial of service, information disclosure or privilege escalation. - CVE-2014-8594 Roger Pau Monne and Jan Beulich discovered that incomplete restrictions on MMU update hypercalls may result in privilege escalation. - CVE-2014-8595 Jan Beulich discovered that missing privilege level checks in the x86 emulation of far branches may result in privilege escalation. - CVE-2014-8866 Jan Beulich discovered that an error in compatibility mode hypercall argument translation may result in denial of service. - CVE-2014-8867 Jan Beulich discovered that an insufficient restriction in acceleration support for the
    last seen2020-03-17
    modified2015-01-28
    plugin id81027
    published2015-01-28
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81027
    titleDebian DSA-3140-1 : xen - security update
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-15951.NASL
    descriptionExcessive checking in compatibility mode hypercall argument translation, Insufficient bounding of
    last seen2020-03-17
    modified2014-12-15
    plugin id79902
    published2014-12-15
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/79902
    titleFedora 21 : xen-4.4.1-9.fc21 (2014-15951)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2015-113.NASL
    descriptionThe virtualization software XEN was updated to version 4.3.3 and also to fix bugs and security issues. Security issues fixed: CVE-2015-0361: XSA-116: xen: xen crash due to use after free on hvm guest teardown CVE-2014-9065, CVE-2014-9066: XSA-114: xen: p2m lock starvation CVE-2014-9030: XSA-113: Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling CVE-2014-8867: XSA-112: xen: Insufficient bounding of
    last seen2020-06-05
    modified2015-02-09
    plugin id81239
    published2015-02-09
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/81239
    titleopenSUSE Security Update : xen (openSUSE-2015-113)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2014-1732-1.NASL
    descriptionxen was updated to fix 10 security issues : - Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling (CVE-2014-9030). - Insufficient bounding of
    last seen2020-06-05
    modified2015-05-20
    plugin id83659
    published2015-05-20
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/83659
    titleSUSE SLES11 Security Update : xen (SUSE-SU-2014:1732-1)