Vulnerability Database

290,278

Total vulnerabilities in the database

CVE-2014-3968

The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x allows local guest HVM administrators to cause a denial of service (host crash) via a large number of crafted requests, which trigger an error messages to be logged.

  • Published: Jun 5, 2014
  • Updated: Apr 13, 2023
  • CVE: CVE-2014-3968
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5.5
  • AV:A/AC:L/Au:S/C:N/I:N/A:C

No CWE or OWASP classifications available.

Software From Fixed in
xen / xen 4.3.0 4.3.0.x
xen / xen 4.3.1 4.3.1.x
xen / xen 4.2.2 4.2.2.x
xen / xen 4.2.3 4.2.3.x
xen / xen 4.2.0 4.2.0.x
xen / xen 4.2.1 4.2.1.x
opensuse / opensuse 12.3 12.3.x
opensuse / opensuse 13.1 13.1.x
xen / xen 4.4.0-rc1 4.4.0-rc1.x
xen / xen 4.4.0 4.4.0.x