6.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
0.0004 Low
EPSS
Percentile
13.3%
An issue was discovered in Xen through 4.12.x allowing x86 guest OS users
to cause a denial of service (infinite loop) because certain bit iteration
is mishandled. In a number of places bitmaps are being used by the
hypervisor to track certain state. Iteration over all bits involves
functions which may misbehave in certain corner cases: On x86 accesses to
bitmaps with a compile time known size of 64 may incur undefined behavior,
which may in particular result in infinite loops. A malicious guest may
cause a hypervisor crash or hang, resulting in a Denial of Service (DoS).
All versions of Xen are vulnerable. x86 systems with 64 or more nodes are
vulnerable (there might not be any such systems that Xen would run on). x86
systems with less than 64 nodes are not vulnerable.
Author | Note |
---|---|
mdeslaur | hypervisor packages are in universe. For issues in the hypervisor, add appropriate tags to each section, ex: Tags_xen: universe-binary |
6.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
0.0004 Low
EPSS
Percentile
13.3%