The do_mmu_update function in arch/x86/mm.c in Xen 4.x through 4.4.x does not properly restrict updates to only PV page tables, which allows remote PV guests to cause a denial of service (NULL pointer dereference) by leveraging hardware emulation services for HVM guests using Hardware Assisted Paging (HAP).
2014-11-19T18:59:10.533
2025-04-12T10:46:40.837
Deferred
CVSSv2: 5.4 (MEDIUM)
AV:N/AC:H/Au:N/C:N/I:N/A:C
4.9
6.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | opensuse | opensuse | 13.1 | Yes |
| Operating System | opensuse | opensuse | 13.2 | Yes |
| Operating System | debian | debian_linux | 7.0 | Yes |
| Operating System | xen | xen | 4.0.0 | Yes |
| Operating System | xen | xen | 4.0.1 | Yes |
| Operating System | xen | xen | 4.0.2 | Yes |
| Operating System | xen | xen | 4.0.3 | Yes |
| Operating System | xen | xen | 4.0.4 | Yes |
| Operating System | xen | xen | 4.1.0 | Yes |
| Operating System | xen | xen | 4.1.1 | Yes |
| Operating System | xen | xen | 4.1.2 | Yes |
| Operating System | xen | xen | 4.1.3 | Yes |
| Operating System | xen | xen | 4.1.4 | Yes |
| Operating System | xen | xen | 4.1.5 | Yes |
| Operating System | xen | xen | 4.1.6.1 | Yes |
| Operating System | xen | xen | 4.2.0 | Yes |
| Operating System | xen | xen | 4.2.1 | Yes |
| Operating System | xen | xen | 4.2.2 | Yes |
| Operating System | xen | xen | 4.2.3 | Yes |
| Operating System | xen | xen | 4.3.0 | Yes |
| Operating System | xen | xen | 4.3.1 | Yes |