Improper Supervisor Mode Permissions in Xen x86_emulate Function
CVE-2014-7155 · MEDIUM Severity
AV:A/AC:L/AU:N/C:P/I:P/A:P
The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 4.4.x and earlier does not properly check supervisor mode permissions, which allows local HVM users to cause a denial of service (guest crash) or gain guest kernel mode privileges via vectors involving an (1) HLT, (2) LGDT, (3) LIDT, or (4) LMSW instruction.
Learn more about our User Device Pen Test.