Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.4
CVSSv2

CVE-2013-4371

Published: 17/10/2013 Updated: 07/01/2017
CVSS v2 Base Score: 4.4 | Impact Score: 6.4 | Exploitability Score: 3.4
VMScore: 392
Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Xen

Vulnerability Summary

Use-after-free vulnerability in the libxl_list_cpupool function in the libxl toolstack library in Xen 4.2.x and 4.3.x, when running "under memory pressure," returns the original pointer when the realloc function fails, which allows local users to cause a denial of service (heap corruption and crash) and possibly execute arbitrary code via unspecified vectors.

Vulnerable Product Search on Vulmon Subscribe to Product

xen xen 4.2.1

xen xen 4.2.2

xen xen 4.2.3

xen xen 4.3.0

xen xen 4.2.0

Vendor Advisories

Red Hat: CVE-2013-4371
Use-after-free vulnerability in the libxl_list_cpupool function in the libxl toolstack library in Xen 42x and 43x, when running "under memory pressure," returns the original pointer when the realloc function fails, which allows local users to cause a denial of service (heap corruption and crash) and possibly execute arbitrary code via unspecifi ...

References

CWE-399http://www.openwall.com/lists/oss-security/2013/10/10/12http://security.gentoo.org/glsa/glsa-201407-03.xmlhttps://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2013-4371
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereferenceCVE-2023-52689CVE-2024-23803client sideCVE-2023-52696information disclosureCVE-2024-35843CVE-2024-27130CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook