Lucene search

[email protected]CVE-2013-2195

HistoryAug 23, 2013 - 4:55 p.m.

CVE-2013-2195

2013-08-2316:55:07

CWE-189

[email protected]

web.nvd.nist.gov

cve-2013-2195

elf parser

libelf

xen 4.2.x

information security

nvd

vulnerability

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.6%

JSON

The Elf parser (libelf) in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel, related to “pointer dereferences” involving unexpected calculations.

Affected configurations

NVD

Node

xenxenRange≤4.2.2

xenxenMatch4.2.0

xenxenMatch4.2.1

CPENameOperatorVersion
xen:xenxenle4.2.2
xen:xenxeneq4.2.0
xen:xenxeneq4.2.1

CPE	Name	Operator	Version
xen:xen	xen	le	4.2.2
xen:xen	xen	eq	4.2.0
xen:xen	xen	eq	4.2.1

References

lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html

lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html

lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html

secunia.com/advisories/55082

security.gentoo.org/glsa/glsa-201309-24.xml

support.citrix.com/article/CTX138058

www.debian.org/security/2014/dsa-3006

www.openwall.com/lists/oss-security/2013/06/20/2

www.openwall.com/lists/oss-security/2013/06/20/4

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.6%

JSON

Related for CVE-2013-2195

ubuntucve2 debiancve2 prion2 cvelist2 nvd2 fedora39 nessus13 cve1 xen1 openvas74 suse4 mageia1 osv1 debian1 gentoo1