Published: 23/11/2013 Updated: 21/11/2024

Xen 4.2.x and 4.3.x, when using Intel VT-d for PCI passthrough, does not properly flush the TLB after clearing a present translation table entry, which allows local guest administrators to cause a denial of service or gain privileges via unspecified vectors related to an "inverted boolean parameter."

Vulnerable Product	Search on Vulmon	Subscribe to Product
xen xen 4.2.1
xen xen 4.2.2
xen xen 4.2.3
xen xen 4.3.0
xen xen 4.3.1
opensuse opensuse 13.1

Debian Bug report logs - #730254 xen: CVE-2013-6375: Insufficient TLB flushing in VT-d (iommu) code Package: xen; Maintainer for xen is Debian Xen Team <pkg-xen-devel@listsaliothdebianorg>; Reported by: Henri Salo <henri@nervfi> Date: Sat, 23 Nov 2013 09:45:02 UTC Severity: important Tags: fixed-upstream, patch, ...

CWE-264 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730254 https://nvd.nist.gov https://www.first.org/epss http://lists.opensuse.org/opensuse-updates/2013-12/msg00059.html http://security.gentoo.org/glsa/glsa-201407-03.xml http://www.openwall.com/lists/oss-security/2013/11/20/3 http://www.openwall.com/lists/oss-security/2013/11/21/1 http://www.securitytracker.com/id/1029369 http://lists.opensuse.org/opensuse-updates/2013-12/msg00059.html http://security.gentoo.org/glsa/glsa-201407-03.xml http://www.openwall.com/lists/oss-security/2013/11/20/3 http://www.openwall.com/lists/oss-security/2013/11/21/1 http://www.securitytracker.com/id/1029369

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-6375

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect