Vulnerability Database

290,273

Total vulnerabilities in the database

CVE-2014-3124

The HVMOP_set_mem_type control in Xen 4.1 through 4.4.x allows local guest HVM administrators to cause a denial of service (hypervisor crash) or possibly execute arbitrary code by leveraging a separate qemu-dm vulnerability to trigger invalid page table translations for unspecified memory page types.

  • Published: May 7, 2014
  • Updated: Apr 13, 2023
  • CVE: CVE-2014-3124
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.7
  • AV:A/AC:L/Au:S/C:P/I:P/A:C

CWEs:

Software From Fixed in
xen / xen 4.1.5 4.1.5.x
xen / xen 4.2.2 4.2.2.x
xen / xen 4.2.3 4.2.3.x
xen / xen 4.3.0 4.3.0.x
xen / xen 4.1.2 4.1.2.x
xen / xen 4.4.0-rc1 4.4.0-rc1.x
xen / xen 4.1.1 4.1.1.x
xen / xen 4.2.0 4.2.0.x
xen / xen 4.1.0 4.1.0.x
xen / xen 4.1.3 4.1.3.x
xen / xen 4.1.6.1 4.1.6.1.x
xen / xen 4.1.4 4.1.4.x
xen / xen 4.3.1 4.3.1.x
xen / xen 4.2.1 4.2.1.x
xen / xen 4.4.0 4.4.0.x