CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:N/I:N/A:C
AI Score
Confidence
Low
EPSS
Percentile
28.1%
Xen 4.x, when downgrading the grant table version, does not properly remove the status page from the tracking list when freeing the page, which allows local guest OS administrators to cause a denial of service (hypervisor crash) via unspecified vectors.
lists.opensuse.org/opensuse-security-announce/2012-12/msg00001.html
lists.opensuse.org/opensuse-security-announce/2012-12/msg00018.html
lists.opensuse.org/opensuse-security-announce/2012-12/msg00019.html
lists.opensuse.org/opensuse-security-announce/2013-01/msg00011.html
lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html
lists.opensuse.org/opensuse-updates/2013-04/msg00051.html
lists.opensuse.org/opensuse-updates/2013-04/msg00052.html
secunia.com/advisories/51397
secunia.com/advisories/51468
secunia.com/advisories/51486
secunia.com/advisories/51487
secunia.com/advisories/55082
security.gentoo.org/glsa/glsa-201309-24.xml
support.citrix.com/article/CTX135777
www.debian.org/security/2012/dsa-2582
www.openwall.com/lists/oss-security/2012/12/03/6
www.osvdb.org/88128
www.securityfocus.com/bid/56794
exchange.xforce.ibmcloud.com/vulnerabilities/80478