Computer Security
[EN] securityvulns.ru no-pyccku


Xen security vulnerabilities
Published:22.04.2013
Source:
SecurityVulns ID:13022
Type:local
Threat Level:
5/10
Description:Few DoS conditions.
Affected:XEN : Xen 4.0
CVE:CVE-2013-1919 (Xen 4.2.x and 4.1.x does not properly restrict access to IRQs, which allows local stub domain clients to gain access to IRQs and cause a denial of service via vectors related to "passed-through IRQs or PCI devices.")
 CVE-2013-1917 (Xen 3.1 through 4.x, when running 64-bit hosts on Intel CPUs, does not clear the NT flag when using an IRET after a SYSENTER instruction, which allows PV guest users to cause a denial of service (hypervisor crash) by triggering a #GP fault, which is not properly handled by another IRET instruction.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2662-1] xen security update (22.04.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod