XEN : Security Vulnerabilities, CVEs, Published In February 2014 (Denial of service)
Use-after-free vulnerability in the xc_cpupool_getinfo function in Xen 4.1.x through 4.3.x, when using a multithreaded toolstack, does not properly handle a failure by the xc_cpumap_alloc function, which allows local users with access to management functions to cause a denial of service (heap corruption) and possibly gain privileges via unspecified vectors.
Max CVSS
4.6
EPSS Score
0.04%
Published
2014-02-14
Updated
2014-12-12
1 vulnerabilities found