CVE Vulnerabilities

CVE-2011-2901

Published: Oct 01, 2013 | Modified: Dec 31, 2013
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.5 MEDIUM
AV:A/AC:L/Au:S/C:N/I:N/A:C
RedHat/V2
5.5 MODERATE
AV:A/AC:L/Au:S/C:N/I:N/A:C
RedHat/V3
Ubuntu

Off-by-one error in the __addr_ok macro in Xen 3.3 and earlier allows local 64 bit PV guest administrators to cause a denial of service (host crash) via unspecified hypercalls that ignore virtual-address bits.

Affected Software

Name Vendor Start Version End Version
Xen Xen 3.0.2 3.0.2
Xen Xen 3.0.3 3.0.3
Xen Xen 3.0.4 3.0.4
Xen Xen 3.1.3 3.1.3
Xen Xen 3.1.4 3.1.4
Xen Xen 3.2.0 3.2.0
Xen Xen 3.2.1 3.2.1
Xen Xen 3.2.2 3.2.2
Xen Xen 3.2.3 3.2.3
Xen Xen * 3.3.0
Red Hat Enterprise Linux 5 RedHat kernel-0:2.6.18-274.3.1.el5 *
Red Hat Enterprise Linux 5.6 EUS - Server Only RedHat kernel-0:2.6.18-238.31.1.el5 *
Xen-3.1 Ubuntu hardy *
Xen-3.2 Ubuntu hardy *
Xen-3.3 Ubuntu lucid *
Xen-3.3 Ubuntu maverick *
Xen-3.3 Ubuntu natty *

References