Description
The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before 4.3.1, and qemu 1.1 and other versions, allows local HVM guests to cause a denial of service (domain grant reference consumption) via unspecified vectors.
References (4)
Core 4
Core References
Vendor Advisory x_refsource_confirm
http://xenproject.org/downloads/xen-archives/supported-xen-43-series/xen-431.html
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-201407-03.xml
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2092-1
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2013/10/10/14
Scores
EPSS
0.0009
EPSS Percentile
25.6%
Details
CWE
CWE-399
Status
published
Products (6)
qemu/qemu
1.1 (5 CPE variants)
xen/xen
4.2.0
xen/xen
4.2.1
xen/xen
4.2.2
xen/xen
4.2.3
xen/xen
4.3.0
Published
Jan 19, 2014
Tracked Since
Feb 18, 2026