oss-sec mailing list archives

Re: Xen Security Advisory 105 - Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation

From: cve-assign () mitre org
Date: Wed, 24 Sep 2014 02:04:26 -0400 (EDT)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Xen Security Advisory XSA-105

The emulation of the instructions HLT, LGDT, LIDT, and LMSW fails to
perform supervisor mode permission checks.

Xen versions from at least 3.2.x onwards are vulnerable.


Use CVE-2014-7155.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJUIl3/AAoJEKllVAevmvmsLGoH/2hnJ2Gn+MqmDKeoaG5qsoLb
GE8IOEnUiDkB6ahlL+PwoWgiC5d/W554W31xId0eqZleoFnCtRHHULfy0rC7bbMd
MbYa47QOF+dImT8cRHads23oc7OlwBwPbaDhUr9Ez6g1a5hLt8CaE9K8g4xILx5u
oMsN/+tjFbPzbex2pgtL5ZJW7RXzUlT7UGCr8fBnw0O916OHZzhctAekrsYWjVqu
0KUMRiO/oAgb9Xyzlmkr+DDFcq5VEHegHqDQjNoVodW9dwylP7t9mGZbGO4t1myY
foklnZiKpYwYBSOQK92s1xWvWaiOCUcgPJTxF4F7ruSfIoKBxSNjivKZn7DlTBU=
=5UGs
-----END PGP SIGNATURE-----

Current thread:

Xen Security Advisory 105 - Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation Xen . org security team (Sep 23)
- Re: Xen Security Advisory 105 - Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation cve-assign (Sep 23)