icon

We found results for “

CVE-2014-1950

Good to know:

icon
icon

Date: February 14, 2014

Use-after-free vulnerability in the xc_cpupool_getinfo function in Xen 4.1.x through 4.3.x, when using a multithreaded toolstack, does not properly handle a failure by the xc_cpumap_alloc function, which allows local users with access to management functions to cause a denial of service (heap corruption) and possibly gain privileges via unspecified vectors.

Language: C

Severity Score

Severity Score

Weakness Type (CWE)

Resource Management Errors

CWE-399

Top Fix

icon

Upgrade Version

Upgrade to version 4.4.0

Learn More

CVSS v2

Base Score:
Access Vector (AV): LOCAL
Access Complexity (AC): LOW
Authentication (AU): NONE
Confidentiality (C): PARTIAL
Integrity (I): PARTIAL
Availability (A): PARTIAL
Additional information:

Do you need more information?

Contact Us