Lucene search

PRIOn knowledge basePRION:CVE-2013-1918

HistoryMay 13, 2013 - 11:55 p.m.

Design/Logic Flaw

2013-05-1323:55:00

PRIOn knowledge base

www.prio-n.com

6.6 Medium

AI Score

Confidence

High

4.7 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

24.7%

JSON

Certain page table manipulation operations in Xen 4.1.x, 4.2.x, and earlier are not preemptible, which allows local PV kernels to cause a denial of service via vectors related to “deep page table traversal.”

CPENameOperatorVersion
xeneq4.1.5
xeneq4.1.2
xeneq4.1.1
xeneq4.1.0
xeneq4.1.3
xeneq4.1.4
xeneq4.2.2
xeneq4.2.0
xeneq4.2.1

Name	Operator	Version
xen	eq	4.1.5
xen	eq	4.1.2
xen	eq	4.1.1
xen	eq	4.1.0
xen	eq	4.1.3
xen	eq	4.1.4
xen	eq	4.2.2
xen	eq	4.2.0
xen	eq	4.2.1

References

lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html

secunia.com/advisories/53187

secunia.com/advisories/55082

security.gentoo.org/glsa/glsa-201309-24.xml

www.debian.org/security/2013/dsa-2666

www.openwall.com/lists/oss-security/2013/05/02/8

www.securityfocus.com/bid/59615

lists.fedoraproject.org/pipermail/package-announce/2013-May/105533.html

6.6 Medium

AI Score

Confidence

High

4.7 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

24.7%

JSON

Related for PRION:CVE-2013-1918