Improper Supervisor Mode Permissions in Xen x86_emulate Function

Improper Supervisor Mode Permissions in Xen x86_emulate Function

CVE-2014-7155 · MEDIUM Severity

AV:A/AC:L/AU:N/C:P/I:P/A:P

The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 4.4.x and earlier does not properly check supervisor mode permissions, which allows local HVM users to cause a denial of service (guest crash) or gain guest kernel mode privileges via vectors involving an (1) HLT, (2) LGDT, (3) LIDT, or (4) LMSW instruction.

Learn more about our User Device Pen Test.