CVE Vulnerabilities

CVE-2013-1432

Published: Aug 28, 2013 | Modified: Jun 30, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.4 HIGH
AV:A/AC:M/Au:S/C:C/I:C/A:C
RedHat/V2
6.5 IMPORTANT
AV:A/AC:H/Au:S/C:C/I:C/A:C
RedHat/V3
Ubuntu

Xen 4.1.x and 4.2.x, when the XSA-45 patch is in place, does not properly maintain references on pages stored for deferred cleanup, which allows local PV guest kernels to cause a denial of service (premature page free and hypervisor crash) or possibly gain privileges via unspecified vectors.

Affected Software

Name Vendor Start Version End Version
Xen Xen 4.2.0 4.2.0
Xen Xen 4.2.1 4.2.1
Xen Xen 4.2.2 4.2.2
Xen Ubuntu precise *
Xen Ubuntu quantal *
Xen Ubuntu raring *
Xen Ubuntu upstream *
Xen-3.3 Ubuntu lucid *
Xen-3.3 Ubuntu upstream *

References