CVE - CVE-2014-2580

CVE-ID
CVE-2014-2580	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The netback driver in Xen, when using certain Linux versions that do not allow sleeping in softirq context, allows local guest administrators to cause a denial of service ("scheduling while atomic" error and host crash) via a malformed packet, which causes a mutex to be taken when trying to disable the interface.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MLIST:[oss-security] 20140324 Re: Xen Security Advisory 90 - Linux netback crash trying to disable due to malformed packet URL:http://www.openwall.com/lists/oss-security/2014/03/24/8 MLIST:[oss-security] 20140324 Xen Security Advisory 90 - Linux netback crash trying to disable due to malformed packet URL:http://www.openwall.com/lists/oss-security/2014/03/24/6 CONFIRM:http://xenbits.xen.org/xsa/advisory-90.html BID:66386 URL:http://www.securityfocus.com/bid/66386 SECTRACK:1029949 URL:http://www.securitytracker.com/id/1029949
Assigning CNA
N/A
Date Entry Created
20140321	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20140321)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org