use-after-free in libxl_list_cpupool under memory pressure
Published: 2013-10-10T12:00:00
ID: XSA-70 | Type: xen | Reporter: Xen Project | Modified: 2013-10-10T12:22:00
Description
ISSUE DESCRIPTION
If realloc(3) fails then libxl_list_cpupool will incorrectly return the now-free original pointer.
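A minimal C model of this flaw, added here as an illustration and not taken from libxl: it assumes the error path for a failed realloc(3) releases the partly built list, and shows that the function must then reset its pointer before returning. All names (`pool_info`, `try_realloc`, `list_free`, `list_pools`, `returns_dangling`) and the fault-injection hook are hypothetical.

```c
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical record; stands in for one entry of the list being built. */
typedef struct { unsigned id; } pool_info;

/* Constructed fault injection: the realloc call with index fail_at fails. */
static int fail_at = -1, calls;
static void *try_realloc(void *p, size_t n)
{
    if (calls++ == fail_at)
        return NULL;            /* like realloc(3): old block is untouched */
    return realloc(p, n);
}

/* Address of the last list released by an error path (stored as an integer
 * before free, so it can be compared without touching freed memory). */
static uintptr_t released;
static void list_free(pool_info *list)
{
    released = (uintptr_t)list;
    free(list);
}

/* Grow a list one entry at a time. With clear_on_error == 0 this models the
 * flaw: the error path frees the list but still returns the old pointer.
 * With clear_on_error != 0 the pointer is reset, so callers get NULL. */
static pool_info *list_pools(int want, int *count, int clear_on_error)
{
    pool_info *ptr = NULL, *tmp;
    int i;

    *count = 0;
    for (i = 0; i < want; i++) {
        tmp = try_realloc(ptr, (size_t)(i + 1) * sizeof(*ptr));
        if (!tmp) {
            list_free(ptr);
            if (clear_on_error)
                ptr = NULL;     /* the one-line hardening */
            goto out;
        }
        ptr = tmp;
        ptr[i].id = (unsigned)i;
    }
    *count = i;
out:
    return ptr;
}

/* Run one scenario; returns 1 if the caller was handed a dangling pointer. */
static int returns_dangling(int want, int fail_on_call, int clear_on_error)
{
    int n;
    pool_info *p;

    calls = 0; fail_at = fail_on_call; released = 0;
    p = list_pools(want, &n, clear_on_error);
    if (p && (uintptr_t)p == released)
        return 1;               /* never dereference or free p here */
    free(p);
    return 0;
}

/* Stand-alone run: exit status 0 means the hardened path returned NULL. */
int main(void) { return returns_dangling(4, 2, 1); }
```

A caller that receives the dangling pointer will typically read it or free it again, which is where the heap corruption described under IMPACT comes from.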
IMPACT
An attacker may be able to cause a multithreaded toolstack using this function to race against itself, leading to heap corruption and a potential DoS.
Depending on the malloc implementation, code execution cannot be ruled out.
VULNERABLE SYSTEMS
The flaw is present in Xen 4.2 onwards.
Systems using the libxl toolstack library are vulnerable.
CVE: CVE-2013-4371
CVSS: 4.4 (AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL)
Advisory: http://xenbits.xen.org/xsa/advisory-70.html