DEBIAN-CVE-2014-1666
- Source
- https://security-tracker.debian.org/tracker/CVE-2014-1666
- Import Source
- https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2014-1666.json
- JSON Data
- https://api.osv.dev/v1/vulns/DEBIAN-CVE-2014-1666
- Upstream
- Published
- 2014-01-26T16:58:11.650Z
- Modified
- 2025-11-19T02:02:47.129045Z
- Summary
- [none]
- Details
-
The dophysdevop function in Xen 4.1.5, 4.1.6.1, 4.2.2 through 4.2.3, and 4.3.x does not properly restrict access to the (1) PHYSDEVOPpreparemsix and (2) PHYSDEVOPreleasemsix operations, which allows local PV guests to cause a denial of service (host or guest malfunction) or possibly gain privileges via unspecified vectors.
- References
Affected packages
Debian:11 / xen
Package
- Name
- xen
- Purl
- pkg:deb/debian/xen?arch=source
Debian:12 / xen
Package
- Name
- xen
- Purl
- pkg:deb/debian/xen?arch=source
Debian:13 / xen
Package
- Name
- xen
- Purl
- pkg:deb/debian/xen?arch=source
Debian:14 / xen
Package
- Name
- xen
- Purl
- pkg:deb/debian/xen?arch=source