Lucene search

PRIOn knowledge basePRION:CVE-2013-4361

HistoryOct 01, 2013 - 5:55 p.m.

Stack overflow

2013-10-0117:55:00

PRIOn knowledge base

www.prio-n.com

6.3 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

25.5%

JSON

The fbld instruction emulation in Xen 3.3.x through 4.3.x does not use the correct variable for the source effective address, which allows local HVM guests to obtain hypervisor stack information by reading the values used by the instruction.

CPENameOperatorVersion
xeneq4.1.5
xeneq4.2.2
xeneq3.4.0
xeneq4.3.0
xeneq4.0.4
xeneq4.0.2
xeneq3.3.2
xeneq4.1.2
xeneq3.4.4
xeneq4.0.0

Name	Operator	Version
xen	eq	4.1.5
xen	eq	4.2.2
xen	eq	3.4.0
xen	eq	4.3.0
xen	eq	4.0.4
xen	eq	4.0.2
xen	eq	3.3.2
xen	eq	4.1.2
xen	eq	3.4.4
xen	eq	4.0.0

Rows per page:

1-10 of 231

References

lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html

lists.opensuse.org/opensuse-updates/2013-11/msg00009.html

security.gentoo.org/glsa/glsa-201407-03.xml

www.debian.org/security/2014/dsa-3006

www.openwall.com/lists/oss-security/2013/09/30/3

6.3 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

25.5%

JSON

Related for PRION:CVE-2013-4361