Improper Page Reference Management in Xen's do_mmu_update Function

Improper Page Reference Management in Xen's do_mmu_update Function

CVE-2014-9030 · HIGH Severity

AV:N/AC:M/AU:N/C:N/I:N/A:C

The do_mmu_update function in arch/x86/mm.c in Xen 3.2.x through 4.4.x does not properly manage page references, which allows remote domains to cause a denial of service by leveraging control over an HVM guest and a crafted MMU_MACHPHYS_UPDATE.

Learn more about our Web Application Penetration Testing UK.