CVE Vulnerabilities

CVE-2013-0215

Published: Mar 07, 2013 | Modified: Oct 11, 2013
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:A/AC:M/Au:N/C:P/I:N/A:P
RedHat/V2
4.1 MODERATE
AV:A/AC:L/Au:S/C:P/I:N/A:P
RedHat/V3
Ubuntu

oxenstored in Xen 4.1.x, Xen 4.2.x, and xen-unstable does not properly consider the state of the Xenstore ring during read operations, which allows guest OS users to cause a denial of service (daemon crash and host-control outage, or memory consumption) or obtain sensitive control-plane data by leveraging guest administrative access.

Affected Software

Name Vendor Start Version End Version
Xen Xen 4.1.0 4.1.0
Xen Xen 4.1.1 4.1.1
Xen Xen 4.1.2 4.1.2
Xen Xen 4.1.3 4.1.3
Xen Xen 4.1.4 4.1.4
Xen Ubuntu devel *
Xen Ubuntu oneiric *
Xen Ubuntu precise *
Xen Ubuntu quantal *

References