Published: 23/11/2013 Updated: 30/10/2018

CVSS v2 Base Score: 7.9 | Impact Score: 10 | Exploitability Score: 5.5

VMScore: 703

Vector: AV:A/AC:M/Au:N/C:C/I:C/A:C

Xen 4.2.x and 4.3.x, when using Intel VT-d for PCI passthrough, does not properly flush the TLB after clearing a present translation table entry, which allows local guest administrators to cause a denial of service or gain privileges via unspecified vectors related to an "inverted boolean parameter."

Vulnerable Product	Search on Vulmon	Subscribe to Product
xen xen 4.3.1
xen xen 4.2.1
xen xen 4.2.2
xen xen 4.2.3
xen xen 4.3.0
opensuse opensuse 13.1

Debian Bug report logs - #730254 xen: CVE-2013-6375: Insufficient TLB flushing in VT-d (iommu) code Package: xen; Maintainer for xen is Debian Xen Team <pkg-xen-devel@listsaliothdebianorg>; Reported by: Henri Salo <henri@nervfi> Date: Sat, 23 Nov 2013 09:45:02 UTC Severity: important Tags: fixed-upstream, patch, ...

CWE-264 http://www.openwall.com/lists/oss-security/2013/11/20/3 http://www.openwall.com/lists/oss-security/2013/11/21/1 http://lists.opensuse.org/opensuse-updates/2013-12/msg00059.html http://www.securitytracker.com/id/1029369 http://security.gentoo.org/glsa/glsa-201407-03.xml https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730254 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-6375

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect