CVE-2014-7188

The hvm_msr_read_intercept function in arch/x86/hvm/hvm.c in Xen 4.1 through 4.4.x uses an improper MSR range for x2APIC emulation, which allows local HVM guests to cause a denial of service (host crash) or read data from the hypervisor or other guests via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.3 UNKNOWN
ADJACENT_NETWORK
LOW
AV:A/AC:L/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 84%
VendorProductVersion
xenxen
4.1.0
xenxen
4.1.1
xenxen
4.1.2
xenxen
4.1.3
xenxen
4.1.4
xenxen
4.1.5
xenxen
4.1.6.1
xenxen
4.2.0
xenxen
4.2.1
xenxen
4.2.2
xenxen
4.2.3
xenxen
4.3.0
xenxen
4.3.1
xenxen
4.4.0
xenxen
4.4.0:rc1
xenxen
4.4.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
xen
bullseye
4.14.6-1
fixed
bullseye (security)
4.14.5+94-ge49571868d-1
fixed
bookworm
4.17.3+10-g091466ba55-1~deb12u1
fixed
sid
4.17.3+36-g54dacb5c02-1
fixed
trixie
4.17.3+36-g54dacb5c02-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
xen
vivid
Fixed 4.4.1-3ubuntu1
released
utopic
Fixed 4.4.0-0ubuntu8
released
trusty
Fixed 4.4.0-0ubuntu5.2
released
precise
Fixed 4.1.6.1-0ubuntu0.12.04.3
released
lucid
dne
xen-3.3
vivid
dne
utopic
dne
trusty
dne
precise
dne
lucid
ignored
Common Weakness Enumeration
References
http://lists.fedoraproject.org/pipermail/package-announce/2014-October/140199.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-October/140418.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-October/140483.html
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00003.html
http://secunia.com/advisories/61664
http://secunia.com/advisories/61858
http://secunia.com/advisories/61890
http://security.gentoo.org/glsa/glsa-201412-42.xml
http://support.citrix.com/article/CTX200218
http://support.citrix.com/article/CTX201794
http://www.c7zero.info/stuff/csw2017_ExploringYourSystemDeeper_updated.pdf
http://www.debian.org/security/2014/dsa-3041
http://www.securityfocus.com/bid/70198
http://www.securitytracker.com/id/1030936
http://xenbits.xen.org/xsa/advisory-108.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/96785
http://lists.fedoraproject.org/pipermail/package-announce/2014-October/140199.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-October/140418.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-October/140483.html
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00003.html
http://secunia.com/advisories/61664
http://secunia.com/advisories/61858
http://secunia.com/advisories/61890
http://security.gentoo.org/glsa/glsa-201412-42.xml
http://support.citrix.com/article/CTX200218
http://support.citrix.com/article/CTX201794
http://www.c7zero.info/stuff/csw2017_ExploringYourSystemDeeper_updated.pdf
http://www.debian.org/security/2014/dsa-3041
http://www.securityfocus.com/bid/70198
http://www.securitytracker.com/id/1030936
http://xenbits.xen.org/xsa/advisory-108.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/96785