CVE-2014-9065
EPSS 0.10%
Description
common/spinlock.c in Xen 4.4.x and earlier does not properly handle read and write locks, which allows local x86 guest users to cause a denial of service (write denial or NMI watchdog timeout and host crash) via a large number of read requests, a different vulnerability to CVE-2014-9066.
How to fix CVE-2014-9065
To remediate CVE-2014-9065, upgrade the affected package to a fixed version below.
- Debian/xen—upgrade to 4.4.1-6 or later
Is CVE-2014-9065 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 4.4.1-6