PRIOn knowledge basePRION:CVE-2013-0153

HistoryFeb 14, 2013 - 10:55 p.m.

Design/Logic Flaw

2013-02-1422:55:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

High

4.7 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

26.2%

JSON

The AMD IOMMU support in Xen 4.2.x, 4.1.x, 3.3, and other versions, when using AMD-Vi for PCI passthrough, uses the same interrupt remapping table for the host and all guests, which allows guests to cause a denial of service by injecting an interrupt into other guests.

CPENameOperatorVersion
xeneq4.2.0
xeneq4.2.1
xeneq4.1.2
xeneq4.1.1
xeneq4.1.0
xeneq4.1.3
xeneq4.1.4
xeneq3.3.0

Name	Operator	Version
xen	eq	4.2.0
xen	eq	4.2.1
xen	eq	4.1.2
xen	eq	4.1.1
xen	eq	4.1.0
xen	eq	4.1.3
xen	eq	4.1.4
xen	eq	3.3.0

References

lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html

lists.opensuse.org/opensuse-updates/2013-04/msg00051.html

lists.opensuse.org/opensuse-updates/2013-04/msg00052.html

lists.opensuse.org/opensuse-updates/2013-06/msg00049.html

osvdb.org/89867

rhn.redhat.com/errata/RHSA-2013-0847.html

secunia.com/advisories/51881

secunia.com/advisories/55082

security.gentoo.org/glsa/glsa-201309-24.xml

www.debian.org/security/2013/dsa-2636

www.openwall.com/lists/oss-security/2013/02/05/7

www.securityfocus.com/bid/57745

exchange.xforce.ibmcloud.com/vulnerabilities/81831

6.8 Medium

AI Score

Confidence

High

4.7 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

26.2%

JSON

Related for PRION:CVE-2013-0153