Lucene search

[email protected]CVE-2013-2195

HistoryAug 23, 2013 - 4:55 p.m.

CVE-2013-2195

2013-08-2316:55:00

CWE-189

[email protected]

web.nvd.nist.gov

cve-2013-2195

elf parser

libelf

xen 4.2.x

information security

nvd

vulnerability

6.2 Medium

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

28.4%

JSON

The Elf parser (libelf) in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel, related to “pointer dereferences” involving unexpected calculations.

CPENameOperatorVersion
xen:xenxeneq4.2.0
xen:xenxenle4.2.2
xen:xenxeneq4.2.1

CPE	Name	Operator	Version
xen:xen	xen	eq	4.2.0
xen:xen	xen	le	4.2.2
xen:xen	xen	eq	4.2.1

References

lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html

lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html

lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html

secunia.com/advisories/55082

security.gentoo.org/glsa/glsa-201309-24.xml

support.citrix.com/article/CTX138058

www.debian.org/security/2014/dsa-3006

www.openwall.com/lists/oss-security/2013/06/20/2

www.openwall.com/lists/oss-security/2013/06/20/4

6.2 Medium

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

28.4%

JSON

Related for CVE-2013-2195

ubuntucve2 cvelist2 prion2 debiancve2 nessus13 fedora39 cve1 xen1 openvas74 suse4 mageia1 debian1 osv1 gentoo1