Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-4554HistoryDec 24, 2013 - 7:55 p.m.
CVE-2013-4554
2013-12-2419:55:07
Debian Security Bug Tracker
security-tracker.debian.org
11
5.2 Medium
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:L/Au:S/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
26.9%
Xen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), and 4.3.x (possibly 4.3.1) does not properly prevent access to hypercalls, which allows local guest users to gain privileges via a crafted application running in ring 1 or 2.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | xen | < 4.17.3+10-g091466ba55-1~deb12u1 | xen_4.17.3+10-g091466ba55-1~deb12u1_all.deb |
| Debian | 11 | all | xen | < 4.14.6-1 | xen_4.14.6-1_all.deb |
| Debian | 10 | all | xen | < 4.11.4+107-gef32c7afa2-1 | xen_4.11.4+107-gef32c7afa2-1_all.deb |
| Debian | 999 | all | xen | < 4.17.3+36-g54dacb5c02-1 | xen_4.17.3+36-g54dacb5c02-1_all.deb |
| Debian | 13 | all | xen | < 4.17.3+36-g54dacb5c02-1 | xen_4.17.3+36-g54dacb5c02-1_all.deb |
Related
xen
xen
Hypercalls exposed to privilege rings 1 and 2 of HVM guests
2013-11-26 12:00:00
cve
cve
CVE-2013-4554
2013-12-24 19:55:07
prion
prion
Code injection
2013-12-24 19:55:00
nvd
nvd
CVE-2013-4554
2013-12-24 19:55:07
ubuntucve
ubuntucve
CVE-2013-4554
2013-12-24 00:00:00
cvelist
cvelist
CVE-2013-4554
2013-12-24 19:00:00
nessus
nessus
OracleVM 3.1 : xen (OVMSA-2013-0087)
2014-11-26 00:00:00
OracleVM 3.2 : xen (OVMSA-2013-0085)
2014-11-26 00:00:00
OracleVM 2.2 : xen (OVMSA-2013-0088)
2014-11-26 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: xen-4.3.1-5.fc20
2013-12-14 02:53:08
[SECURITY] Fedora 20 Update: xen-4.3.1-6.fc20
2013-12-21 02:27:56
[SECURITY] Fedora 20 Update: xen-4.3.1-8.fc20
2014-02-03 02:43:51
openvas
openvas
Fedora Update for xen FEDORA-2013-22754
2014-02-03 00:00:00
Fedora Update for xen FEDORA-2013-22754
2014-02-03 00:00:00
Oracle: Security Advisory (ELSA-2014-0285-1)
2015-10-06 00:00:00
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2014-03-13 00:00:00
kernel security, bug fix, and enhancement update
2014-03-12 00:00:00
centos
centos
kernel security update
2014-03-13 10:35:06
redhat
redhat
(RHSA-2014:0285) Important: kernel security, bug fix, and enhancement update
2014-03-12 00:00:00
suse
suse
Security update for Xen (important)
2014-03-14 00:04:13
Security update for Xen (important)
2014-03-20 13:04:14
Security update for Xen (important)
2014-04-01 20:04:15
gentoo
gentoo
Xen: Multiple Vunlerabilities
2014-07-16 00:00:00
5.2 Medium
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:L/Au:S/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
26.9%
Related for DEBIANCVE:CVE-2013-4554