Published: 28/08/2013 Updated: 22/12/2016

CVSS v2 Base Score: 5.7 | Impact Score: 6.9 | Exploitability Score: 5.5

VMScore: 507

Vector: AV:A/AC:M/Au:N/C:N/I:N/A:C

The vmx_set_uc_mode function in Xen 3.3 up to and including 4.3, when disabling caches, allows local HVM guests with access to memory mapped I/O regions to cause a denial of service (CPU consumption and possibly hypervisor or guest kernel panic) via a crafted GFN range.

Vulnerable Product	Search on Vulmon	Subscribe to Product
xen xen 3.3.2
xen xen 3.4.0
xen xen 4.0.2
xen xen 4.0.3
xen xen 4.1.5
xen xen 4.2.0
xen xen 4.3.0
xen xen 3.4.3
xen xen 3.4.4
xen xen 4.1.1
xen xen 4.1.2
xen xen 3.4.1
xen xen 3.4.2
xen xen 4.0.4
xen xen 4.1.0
xen xen 4.2.1
xen xen 4.2.2
xen xen 3.3.0
xen xen 3.3.1
xen xen 4.0.0
xen xen 4.0.1
xen xen 4.1.3
xen xen 4.1.4

The vmx_set_uc_mode function in Xen 33 through 43, when disabling caches, allows local HVM guests with access to memory mapped I/O regions to cause a denial of service (CPU consumption and possibly hypervisor or guest kernel panic) via a crafted GFN range ...

CWE-119 http://www.openwall.com/lists/oss-security/2013/07/24/6 http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00011.html https://security.gentoo.org/glsa/201504-04 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2013-2212

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-2212

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect