Lucene search

K

RedhatCVELIST:CVE-2013-1920

HistoryApr 12, 2013 - 10:00 p.m.

CVE-2013-1920

2013-04-1222:00:00

redhat

www.cve.org

1

3.9 Low

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.2%

Xen 4.2.x, 4.1.x, and earlier, when the hypervisor is running “under memory pressure” and the Xen Security Module (XSM) is enabled, uses the wrong ordering of operations when extending the per-domain event channel tracking table, which causes a use-after-free and allows local guest kernels to inject arbitrary events and gain privileges via unspecified vectors.

References

lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html

lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html

lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html

lists.opensuse.org/opensuse-updates/2013-06/msg00049.html

lists.xen.org/archives/html/xen-announce/2013-04/msg00000.html

osvdb.org/92050

secunia.com/advisories/52857

secunia.com/advisories/55082

security.gentoo.org/glsa/glsa-201309-24.xml

www.openwall.com/lists/oss-security/2013/04/04/7

www.securityfocus.com/bid/58880

www.securitytracker.com/id/1028388

exchange.xforce.ibmcloud.com/vulnerabilities/83226

3.9 Low

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.2%

Related for CVELIST:CVE-2013-1920

nessus14 ubuntucve1 cve1 prion1 nvd1 fedora27 xen1 debiancve1 openvas56 suse4 gentoo1