UBUNTU-CVE-2014-2580

Advisory lineage Upstream: 1 Downstream: 1

Upstream

CVE-2014-2580

Downstream

USN-2226-1

Published: 15 Apr 2014, 00:00

Last modified:22 Apr 2026, 09:38

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

15 Apr 2014, 00:00

Published

Vulnerability first disclosed

22 Apr 2026, 09:38

Last Modified

Vulnerability information updated

Description

The netback driver in Xen, when using certain Linux versions that do not allow sleeping in softirq context, allows local guest administrators to cause a denial of service ("scheduling while atomic" error and host crash) via a malformed packet, which causes a mutex to be taken when trying to disable the interface.

Affected Systems

ubuntu•linux
< 3.13.0-27.50

References (6)

https://ubuntu.com/security/CVE-2014-2580
http://www.openwall.com/lists/oss-security/2014/03/25
http://xenbits.xenproject.org/xsa/advisory-90.html
https://ubuntu.com/security/notices/USN-2226-1
https://ubuntu.com/security/notices/USN-2260-1
https://www.cve.org/CVERecord?id=CVE-2014-2580