CVE-2014-7155

Description

The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 4.4.x and earlier does not properly check supervisor mode permissions, which allows local HVM users to cause a denial of service (guest crash) or gain guest kernel mode privileges via vectors involving an (1) HLT, (2) LGDT, (3) LIDT, or (4) LMSW instruction.

How to fix CVE-2014-7155

To remediate CVE-2014-7155, upgrade the affected package to a fixed version below.

• Debian/xen—upgrade to 4.4.1-3 or later

Is CVE-2014-7155 being exploited?

Low — EPSS is 1.0%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

• from 0, < 4.4.1-3

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2014-7155