Published: 07/01/2014 Updated: 06/10/2015

CVSS v2 Base Score: 5.5 | Impact Score: 6.9 | Exploitability Score: 5.1

VMScore: 490

Vector: AV:A/AC:L/Au:S/C:N/I:N/A:C

Xen, possibly prior to 4.0.2, allows local 64-bit PV guests to cause a denial of service (host crash) by specifying user mode execution without user-mode pagetables.

Vulnerable Product	Search on Vulmon	Subscribe to Product
xen xen 3.1.4
xen xen 3.2.1
xen xen 3.3.2
xen xen 3.4.1
xen xen 3.2.2
xen xen 3.2.3
xen xen 3.3.0
xen xen 3.3.1
xen xen 3.0.2
xen xen 3.0.3
xen xen 3.0.4
xen xen 3.4.3
xen xen 3.4.4
xen xen 4.0.0
xen xen
xen xen 3.1.3
xen xen 3.2.0
xen xen 3.4.0
xen xen 3.4.2

Several vulnerabilities were discovered in the Xen virtual machine hypervisor CVE-2011-1166 A 64-bit guest can get one of its vCPUs into non-kernel mode without first providing a valid non-kernel pagetable, thereby locking up the host system CVE-2011-1583, CVE-2011-3262 Local users can cause a denial of service and possibly execute arb ...

CWE-20 http://wiki.xen.org/wiki/Security_Announcements#XSA-1_Host_crash_due_to_failure_to_correctly_validate_PV_kernel_execution_state.http://rhn.redhat.com/errata/RHSA-2011-0833.html http://downloads.avaya.com/css/P8/documents/100145416 https://nvd.nist.gov https://www.debian.org/security/./dsa-2337

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2011-1166

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect