Vulnerability CVE-2014-3967

Vulnerability Name:

CVE-2014-3967 (CCN-93606)

Assigned:

2014-06-04

Published:

2014-06-04

Updated:

2018-10-30

Summary:

The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x does not properly check the return value from the IRQ setup check, which allows local HVM guest administrators to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors.
Per: http://cwe.mitre.org/data/definitions/476.html

"CWE-476: NULL Pointer Dereference"

CVSS v3 Severity:

4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

5.5 Medium (CVSS v2 Vector: AV:A/AC:L/Au:S/C:N/I:N/A:C)
4.1 Medium (Temporal CVSS v2 Vector: AV:A/AC:L/Au:S/C:N/I:N/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Adjacent_Network Access Complexity (AC): Low Authentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

2.1 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P)
1.6 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

CWE-Other

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2014-3967

Source: FEDORA
Type: UNKNOWN
FEDORA-2014-7423

Source: FEDORA
Type: UNKNOWN
FEDORA-2014-7408

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2014:1279

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2014:1281

Source: MLIST
Type: UNKNOWN
[oss-security] 20140604 Re: Xen Security Advisory 96 - Vulnerabilities in HVM MSI injection

Source: CCN
Type: OSVDB ID: 107703
Xen HVMOP_inject_msi IRQ Respective Condition Handling NULL Pointer Dereference Local DoS

Source: BID
Type: UNKNOWN
67794

Source: CCN
Type: BID-67794
Xen 'HVM MSI injection' CVE-2014-3967 Denial of Service Vulnerability

Source: SECTRACK
Type: UNKNOWN
1030322

Source: CONFIRM
Type: Patch, Vendor Advisory
http://xenbits.xen.org/xsa/advisory-96.html

Source: CCN
Type: XSA-96
Vulnerabilities in HVM MSI injection

Source: CCN
Type: Red Hat Bugzilla Bug 1102254
CVE-2014-3967 CVE-2014-3968 xen: Vulnerabilities in HVM MSI injection (XSA-96)

Source: XF
Type: UNKNOWN
xen-cve20143967-dos(93606)

Source: GENTOO
Type: UNKNOWN
GLSA-201504-04

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2014-3967

Vulnerable Configuration:

Configuration 1:

cpe:/o:xen:xen:4.2.0:*:*:*:*:*:*:*

OR cpe:/o:xen:xen:4.2.1:*:*:*:*:*:*:*

OR cpe:/o:xen:xen:4.2.2:*:*:*:*:*:*:*

OR cpe:/o:xen:xen:4.2.3:*:*:*:*:*:*:*

Configuration 2:

cpe:/o:xen:xen:4.4.0:*:*:*:*:*:*:*

OR cpe:/o:xen:xen:4.4.0:rc1:*:*:*:*:*:*

Configuration 3:

cpe:/o:opensuse:opensuse:12.3:*:*:*:*:*:*:*

OR cpe:/o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

Configuration 4:

cpe:/o:xen:xen:4.3.0:*:*:*:*:*:*:*

OR cpe:/o:xen:xen:4.3.1:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20143967	V	CVE-2014-3967	2022-05-20
oval:org.opensuse.security:def:26218	P	Security update for java-1_8_0-ibm (Important) (in QA)	2022-01-04
oval:org.opensuse.security:def:30285	P	Security update for xorg-x11-server (Important)	2021-12-20
oval:org.opensuse.security:def:55978	P	Security update for ruby2.1 (Important)	2021-12-01
oval:org.opensuse.security:def:34596	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:56090	P	Security update for MozillaFirefox (Important)	2021-11-17
oval:org.opensuse.security:def:26161	P	Security update for samba (Important)	2021-11-10
oval:org.opensuse.security:def:57521	P	Security update for transfig (Important)	2021-10-29
oval:org.opensuse.security:def:26143	P	Security update for curl (Moderate)	2021-10-11
oval:org.opensuse.security:def:31688	P	Security update for python-urllib3 (Moderate)	2021-09-29
oval:org.opensuse.security:def:26132	P	Security update for MozillaFirefox (Important)	2021-09-22
oval:org.opensuse.security:def:26131	P	Security update for xen (Moderate)	2021-09-21
oval:org.opensuse.security:def:34539	P	Security update for postgresql13 (Moderate)	2021-09-16
oval:org.opensuse.security:def:56052	P	Security update for djvulibre (Important)	2021-08-05
oval:org.opensuse.security:def:32160	P	Security update for djvulibre (Important)	2021-08-05
oval:org.opensuse.security:def:55221	P	Security update for the Linux Kernel (Important)	2021-07-20
oval:org.opensuse.security:def:31650	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:26080	P	Security update for libnettle (Important)	2021-06-23
oval:org.opensuse.security:def:30211	P	Security update for caribou (Important)	2021-06-10
oval:org.opensuse.security:def:36582	P	xen-devel-4.4.2_08-1.7 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42734	P	xen-4.4.2_08-1.7 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36327	P	xen-4.4.2_08-1.7 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:32103	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-06-04
oval:org.opensuse.security:def:30200	P	Security update for dhcp (Important)	2021-06-01
oval:org.opensuse.security:def:30199	P	Security update for djvulibre (Important)	2021-05-31
oval:org.opensuse.security:def:34441	P	Security update for libX11 (Moderate)	2021-05-26
oval:org.opensuse.security:def:55886	P	Security update for sudo (Important)	2021-04-20
oval:org.opensuse.security:def:26207	P	Security update for openssl-1_1 (Moderate)	2021-03-09
oval:org.opensuse.security:def:32247	P	Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP3) (Important)	2021-02-10
oval:org.opensuse.security:def:57447	P	Security update for dnsmasq (Important)	2021-01-19
oval:org.opensuse.security:def:55778	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP2) (Important)	2020-12-07
oval:org.opensuse.security:def:32011	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)	2020-12-07
oval:org.opensuse.security:def:28858	P	Security update for python-cryptography (Moderate)	2020-12-04
oval:org.opensuse.security:def:35699	P	freeradius-server-2.1.1-7.10.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35740	P	libarchive2-2.5.5-5.19 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:26803	P	perl-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27140	P	gstreamer-0_10-plugins-base on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27875	P	Security update for rubygem-activesupport	2020-12-01
oval:org.opensuse.security:def:26462	P	Security update for Mozilla Thunderbird (Important)	2020-12-01
oval:org.opensuse.security:def:26746	P	libfreebl3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28039	P	Security update for crash (Low)	2020-12-01
oval:org.opensuse.security:def:28185	P	Security update for krb5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27408	P	ghostscript-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27612	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:30805	P	Security update for clamav (Important)	2020-12-01
oval:org.opensuse.security:def:30968	P	Security update for gstreamer-0_10-plugins-base (Moderate)	2020-12-01
oval:org.opensuse.security:def:55493	P	Security update for webkitgtk (Moderate)	2020-12-01
oval:org.opensuse.security:def:54670	P	rpcbind on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32508	P	expat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33251	P	rsyslog on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31794	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:34903	P	Security update for dhcpcd (Important)	2020-12-01
oval:org.opensuse.security:def:35061	P	Security update for java-1_6_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:34209	P	Security update for perl-PlRPC (Moderate)	2020-12-01
oval:org.opensuse.security:def:26506	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:26652	P	xorg-x11 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25876	P	Security update for libssh (Moderate)	2020-12-01
oval:org.opensuse.security:def:26708	P	glibc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26863	P	apache2-mod_jk on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26887	P	ed on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27179	P	libdrm on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27910	P	Security update for Xen	2020-12-01
oval:org.opensuse.security:def:26473	P	Security update for Chromium (Important)	2020-12-01
oval:org.opensuse.security:def:27751	P	Security update for giflib (Moderate)	2020-12-01
oval:org.opensuse.security:def:28088	P	Security update for ghostscript-library (Moderate)	2020-12-01
oval:org.opensuse.security:def:28823	P	Security update for python-setuptools	2020-12-01
oval:org.opensuse.security:def:27409	P	gimp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27694	P	Security update for MozillaFirefox	2020-12-01
oval:org.opensuse.security:def:30860	P	Security update for e2fsprogs (Moderate)	2020-12-01
oval:org.opensuse.security:def:31012	P	Security update for java-1_7_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:30417	P	Security update for xorg-x11-libXfixes	2020-12-01
oval:org.opensuse.security:def:54810	P	imobiledevice-tools on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32547	P	libapr-util1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33290	P	xen on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31805	P	Security update for apache2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:34952	P	Security update for MozillaFirefox	2020-12-01
oval:org.opensuse.security:def:34210	P	Security update for perl-XML-LibXML (Important)	2020-12-01
oval:org.opensuse.security:def:26555	P	glib2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27290	P	shim on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25877	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:26761	P	libpulse-browse0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26907	P	gnome-screensaver on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26335	P	security update for go (Low)	2020-12-01
oval:org.opensuse.security:def:27038	P	sysstat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27193	P	libltdl7 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26537	P	dhcp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27835	P	Security update for MozillaFirefox, MozillaFirefox-branding-SLED, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:28127	P	Security update for icu (Moderate)	2020-12-01
oval:org.opensuse.security:def:27420	P	imlib2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30563	P	Security update for pixman	2020-12-01
oval:org.opensuse.security:def:30909	P	Security update for freetype2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:30506	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:56171	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:54647	P	pcsc-ccid on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55048	P	yast2-users on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32403	P	Security update for vim (Moderate)	2020-12-01
oval:org.opensuse.security:def:32569	P	libsoup-2_4-1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31879	P	Security update for dhcp (Moderate)	2020-12-01
oval:org.opensuse.security:def:34686	P	Security update for Xen	2020-12-01
oval:org.opensuse.security:def:34991	P	Security update for glibc (Important)	2020-12-01
oval:org.opensuse.security:def:34221	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26302	P	Security update for python-PyYAML (Moderate)	2020-12-01
oval:org.opensuse.security:def:26594	P	libopensc2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27325	P	xen on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25888	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:26810	P	pure-ftpd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27545	P	python-imaging on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26416	P	Security update for nginx (Moderate)	2020-12-01
oval:org.opensuse.security:def:27091	P	bind on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27237	P	mailman on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26461	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:26665	P	acpid on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27986	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:28141	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:27484	P	libsndfile-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30650	P	Security update for Image Magick	2020-12-01
oval:org.opensuse.security:def:30948	P	Recommended update for glibc (Moderate)	2020-12-01
oval:org.opensuse.security:def:55327	P	mailx on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:54648	P	perl-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32459	P	Security update for xorg-x11-libX11 (Important)	2020-12-01
oval:org.opensuse.security:def:32613	P	wget on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31793	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:34845	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:35017	P	Security update for grub2 (Important)	2020-12-01
oval:org.opensuse.security:def:34305	P	Security update for quagga (Moderate)	2020-12-01
oval:org.opensuse.security:def:26453	P	Security update for kauth (Moderate)	2020-12-01
oval:org.opensuse.security:def:26608	P	libxml2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25952	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26557	P	gnome-screensaver on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26849	P	zoo on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27580	P	xen-devel on GA media (Moderate)	2020-12-01
oval:org.mitre.oval:def:28083	P	SUSE-SU-2014:1318-1 -- Security update for Xen (moderate)	2014-12-29
oval:org.opensuse.security:def:80155	P	Security update for Xen	2014-10-02
oval:com.ubuntu.precise:def:20143967000	V	CVE-2014-3967 on Ubuntu 12.04 LTS (precise) - medium.	2014-06-05
oval:com.ubuntu.trusty:def:20143967000	V	CVE-2014-3967 on Ubuntu 14.04 LTS (trusty) - medium.	2014-06-05

BACK