Oval Definition:	oval:com.ubuntu.precise:def:20142580000
Revision Date: 2014-04-15 Version: 1 Title: CVE-2014-2580 on Ubuntu 12.04 LTS (precise) - medium. Description: The netback driver in Xen, when using certain Linux versions that do not allow sleeping in softirq context, allows local guest administrators to cause a denial of service ("scheduling while atomic" error and host crash) via a malformed packet, which causes a mutex to be taken when trying to disable the interface. Török Edwin discovered a flaw with Xen netback driver when used with Linux configurations that do not allow sleeping in softirq context. A guest administrator could exploit this flaw to cause a denial of service (system crash) on the host. Family: unix Class: vulnerability Status: Reference(s): CVE-2014-2580 Platform(s): Ubuntu 12.04 LTS Product(s): Definition Synopsis Ubuntu 12.04 LTS (precise) is installed. AND Package Information NOT While related to the CVE in some way, the 'linux' package in precise is not affected. OR NOT While related to the CVE in some way, the 'linux-armadaxp' package in precise is not affected. OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR NOT While related to the CVE in some way, the 'linux-lts-quantal' package in precise is not affected. OR NOT While related to the CVE in some way, the 'linux-lts-raring' package in precise is not affected. OR NOT While related to the CVE in some way, the 'linux-lts-saucy' package in precise is not affected. OR The 'linux-lts-trusty' package in precise was vulnerable but has been fixed (note: '3.13.0-27.50~precise1'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR NOT While related to the CVE in some way, the 'linux-ti-omap4' package in precise is not affected.
BACK