Description
Xen 4.4.x, when running on ARM systems, does not properly restrict access to hardware features, which allows local guest users to cause a denial of service (host or guest crash) via unspecified vectors, related to (1) cache control, (2) coprocessors, (3) debug registers, and (4) other unspecified registers.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1030135
Vendor Advisory x_refsource_confirm
http://xenbits.xen.org/xsa/advisory-93.html
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2014/04/23/2
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2014/04/22/10
Scores
EPSS
0.0012
EPSS Percentile
30.2%
Details
CWE
CWE-264
Status
published
Products (1)
xen/xen
4.4.0 (2 CPE variants)
Published
Apr 24, 2014
Tracked Since
Feb 18, 2026