CVE Vulnerabilities

CVE-2013-0215

Published: Mar 07, 2013 | Modified: Feb 13, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:A/AC:M/Au:N/C:P/I:N/A:P
RedHat/V2
4.1 MODERATE
AV:A/AC:L/Au:S/C:P/I:N/A:P
RedHat/V3
Ubuntu
MEDIUM

oxenstored in Xen 4.1.x, Xen 4.2.x, and xen-unstable does not properly consider the state of the Xenstore ring during read operations, which allows guest OS users to cause a denial of service (daemon crash and host-control outage, or memory consumption) or obtain sensitive control-plane data by leveraging guest administrative access.

Affected Software

Name Vendor Start Version End Version
Xen Xen 4.1.0 (including) 4.1.0 (including)
Xen Xen 4.1.1 (including) 4.1.1 (including)
Xen Xen 4.1.2 (including) 4.1.2 (including)
Xen Xen 4.1.3 (including) 4.1.3 (including)
Xen Xen 4.1.4 (including) 4.1.4 (including)
Xen Ubuntu devel *
Xen Ubuntu oneiric *
Xen Ubuntu precise *
Xen Ubuntu quantal *

References