Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities

CVE-2013-4356

Published: Oct 09, 2013 | Modified: Jan 07, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.4 MEDIUM
AV:A/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
1 LOW
AV:L/AC:H/Au:S/C:P/I:N/A:N
RedHat/V3
Ubuntu
MEDIUM
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2013-4356
CWEhttps://cwe.mitre.org/data/definitions/264.html

Xen 4.3.x writes hypervisor mappings to certain shadow pagetables when live migration is performed on hosts with more than 5TB of RAM, which allows local 64-bit PV guests to read or write to invalid memory and cause a denial of service (crash).

Affected Software

Name Vendor Start Version End Version
Xen Xen 4.3.0 (including) 4.3.0 (including)
Xen Ubuntu devel *
Xen Ubuntu saucy *
Xen-3.3 Ubuntu upstream *

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use