Lucene search

K

[email protected]CVE-2013-0153

HistoryFeb 14, 2013 - 10:55 p.m.

CVE-2013-0153

2013-02-1422:55:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

49

amd

iommu

xen

denial of service

cve-2013-0153

nvd

6.3 Medium

AI Score

Confidence

Low

4.7 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

27.4%

The AMD IOMMU support in Xen 4.2.x, 4.1.x, 3.3, and other versions, when using AMD-Vi for PCI passthrough, uses the same interrupt remapping table for the host and all guests, which allows guests to cause a denial of service by injecting an interrupt into other guests.

CPENameOperatorVersion
xen:xenxeneq4.2.0
xen:xenxeneq4.2.1
xen:xenxeneq4.1.2
xen:xenxeneq4.1.1
xen:xenxeneq4.1.0
xen:xenxeneq4.1.3
xen:xenxeneq4.1.4
xen:xenxeneq3.3.0

References

lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html

lists.opensuse.org/opensuse-updates/2013-04/msg00051.html

lists.opensuse.org/opensuse-updates/2013-04/msg00052.html

lists.opensuse.org/opensuse-updates/2013-06/msg00049.html

osvdb.org/89867

rhn.redhat.com/errata/RHSA-2013-0847.html

secunia.com/advisories/51881

secunia.com/advisories/55082

security.gentoo.org/glsa/glsa-201309-24.xml

www.debian.org/security/2013/dsa-2636

www.openwall.com/lists/oss-security/2013/02/05/7

www.securityfocus.com/bid/57745

exchange.xforce.ibmcloud.com/vulnerabilities/81831

6.3 Medium

AI Score

Confidence

Low

4.7 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

27.4%

Related for CVE-2013-0153

nessus18 openvas65 prion1 debiancve1 redhat1 centos1 xen1 oraclelinux3 ubuntucve1 osv1 securityvulns2 debian2 fedora28 suse1 gentoo1