#VU41543 Buffer overflow in Xen - CVE-2014-4021
Vulnerability identifier: #VU41543
Vulnerability risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID:
CWE-ID:
CWE-119
Exploitation vector: Local network
Exploit availability: No
Vulnerable software:
Xen
Server applications /
Virtualization software
Vendor: Xen Project
Description
The vulnerability allows a remote #AU# to gain access to sensitive information.
Xen 3.2.x through 4.4.x does not properly clean memory pages recovered from guests, which allows local guest OS users to obtain sensitive information via unspecified vectors.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Xen: 3.2.0 - 4.4.0
External links
https://linux.oracle.com/errata/ELSA-2014-0926.html
https://linux.oracle.com/errata/ELSA-2014-0926-1.html
https://lists.fedoraproject.org/pipermail/package-announce/2014-July/135068.html
https://lists.fedoraproject.org/pipermail/package-announce/2014-July/135071.html
https://lists.opensuse.org/opensuse-security-announce/2014-10/msg00002.html
https://lists.opensuse.org/opensuse-security-announce/2014-10/msg00003.html
https://secunia.com/advisories/59208
https://secunia.com/advisories/60027
https://secunia.com/advisories/60130
https://secunia.com/advisories/60471
https://security.gentoo.org/glsa/glsa-201407-03.xml
https://support.citrix.com/article/CTX140984
https://www.debian.org/security/2014/dsa-3006
https://www.securityfocus.com/bid/68070
https://www.securitytracker.com/id/1030442
https://xenbits.xen.org/xsa/advisory-100.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
