Lucene search

K

MitreCVELIST:CVE-2011-1898

HistoryAug 12, 2011 - 6:00 p.m.

CVE-2011-1898

2011-08-1218:00:00

mitre

www.cve.org

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.7%

Xen 4.1 before 4.1.1 and 4.0 before 4.0.2, when using PCI passthrough on Intel VT-d chipsets that do not have interrupt remapping, allows guest OS users to gain host OS privileges by “using DMA to generate MSI interrupts by writing to the interrupt injection registers.”

References

lists.fedoraproject.org/pipermail/package-announce/2011-June/062112.html

lists.fedoraproject.org/pipermail/package-announce/2011-June/062139.html

lists.opensuse.org/opensuse-security-announce/2011-08/msg00017.html

lists.opensuse.org/opensuse-security-announce/2011-08/msg00018.html

theinvisiblethings.blogspot.com/2011/05/following-white-rabbit-software-attacks.html

www.invisiblethingslab.com/resources/2011/Software%20Attacks%20on%20Intel%20VT-d.pdf

xen.1045712.n5.nabble.com/Xen-security-advisory-CVE-2011-1898-VT-d-PCI-passthrough-MSI-td4390298.html

xen.org/download/index_4.0.2.html

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.7%

Related for CVELIST:CVE-2011-1898

nvd1 nessus16 veracode1 suse3 altlinux1 debiancve1 ubuntucve1 prion1 cve1 openvas24 fedora5 debian1 securityvulns1 osv1 redhat3 centos1 oraclelinux4