CVE-2011-1898
6.5 Medium
AI Score
Confidence
High
7.4 High
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:M/Au:S/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
28.4%
Xen 4.1 before 4.1.1 and 4.0 before 4.0.2, when using PCI passthrough on Intel VT-d chipsets that do not have interrupt remapping, allows guest OS users to gain host OS privileges by “using DMA to generate MSI interrupts by writing to the interrupt injection registers.”
| CPE | Name | Operator | Version |
|---|---|---|---|
| citrix:xen | citrix xen | eq | 4.1.0 |
| citrix:xen | citrix xen | eq | 4.0.0 |
| citrix:xen | citrix xen | eq | 4.0.1 |
References
lists.fedoraproject.org/pipermail/package-announce/2011-June/062112.html
lists.fedoraproject.org/pipermail/package-announce/2011-June/062139.html
lists.opensuse.org/opensuse-security-announce/2011-08/msg00017.html
lists.opensuse.org/opensuse-security-announce/2011-08/msg00018.html
theinvisiblethings.blogspot.com/2011/05/following-white-rabbit-software-attacks.html
www.invisiblethingslab.com/resources/2011/Software%20Attacks%20on%20Intel%20VT-d.pdf
xen.1045712.n5.nabble.com/Xen-security-advisory-CVE-2011-1898-VT-d-PCI-passthrough-MSI-td4390298.html
xen.org/download/index_4.0.2.html
Related
6.5 Medium
AI Score
Confidence
High
7.4 High
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:M/Au:S/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
28.4%