Lucene search

[email protected]CVE-2011-3131

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2011-3131

2022-10-0316:15:05

CWE-399

[email protected]

web.nvd.nist.gov

xen

4.1.1

local

guest os

denial of service

vulnerability

iommu

cpu consumption

hang

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:N/I:N/A:C

8.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.2%

JSON

Xen 4.1.1 and earlier allows local guest OS kernels with control of a PCI[E] device to cause a denial of service (CPU consumption and host hang) via many crafted DMA requests that are denied by the IOMMU, which triggers a livelock.

Affected configurations

NVD

Node

xenxenRange≤4.1.1

CPENameOperatorVersion
xen:xenxenle4.1.1

CPE	Name	Operator	Version
xen:xen	xen	le	4.1.1

References

old-list-archives.xen.org/archives/html/xen-devel/2011-06/msg01106.html

old-list-archives.xen.org/archives/html/xen-devel/2011-08/msg00450.html

secunia.com/advisories/45622

secunia.com/advisories/51468

www.debian.org/security/2012/dsa-2582

www.securityfocus.com/bid/49146

xenbits.xen.org/hg/staging/xen-4.1-testing.hg/rev/84e3706df07a

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:N/I:N/A:C

8.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.2%

JSON

Related for CVE-2011-3131

openvas17 prion1 nessus10 debiancve1 fedora2 veracode1 ubuntucve1 nvd1 cvelist1 suse1 osv1 securityvulns2 debian1 centos1 redhat2 oraclelinux2