Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-4329HistorySep 12, 2013 - 6:37 p.m.
CVE-2013-4329
2013-09-1218:37:43
Debian Security Bug Tracker
security-tracker.debian.org
15
6.5 Medium
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:H/Au:S/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
26.7%
The xenlight library (libxl) in Xen 4.0.x through 4.2.x, when IOMMU is disabled, provides access to a busmastering-capable PCI passthrough device before the IOMMU setup is complete, which allows local HVM guest domains to gain privileges or cause a denial of service via a DMA instruction.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | xen | < 4.3.0-1 | xen_4.3.0-1_all.deb |
| Debian | 11 | all | xen | < 4.3.0-1 | xen_4.3.0-1_all.deb |
| Debian | 999 | all | xen | < 4.3.0-1 | xen_4.3.0-1_all.deb |
| Debian | 13 | all | xen | < 4.3.0-1 | xen_4.3.0-1_all.deb |
Related
nvd
nvd
CVE-2013-4329
2013-09-12 18:37:43
cvelist
cvelist
CVE-2013-4329
2013-09-12 18:00:00
xen
xen
libxl partially sets up HVM passthrough even with disabled iommu
2013-09-10 10:56:00
prion
prion
Information disclosure
2013-09-12 18:37:00
nessus
nessus
Fedora 19 : xen-4.2.3-1.fc19 (2013-16357)
2013-09-19 00:00:00
Fedora 18 : xen-4.2.3-1.fc18 (2013-16371)
2013-09-19 00:00:00
OracleVM 3.1 : xen (OVMSA-2013-0068)
2014-11-26 00:00:00
ubuntucve
ubuntucve
CVE-2013-4329
2013-09-12 00:00:00
cve
cve
CVE-2013-4329
2013-09-12 18:37:43
openvas
openvas
Fedora Update for xen FEDORA-2013-16357
2013-09-24 00:00:00
Fedora Update for xen FEDORA-2013-16357
2013-09-24 00:00:00
Fedora Update for xen FEDORA-2013-17704
2013-10-08 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: xen-4.2.3-1.fc19
2013-09-19 02:08:09
[SECURITY] Fedora 19 Update: xen-4.2.3-2.fc19
2013-10-06 01:33:34
[SECURITY] Fedora 19 Update: xen-4.2.3-3.fc19
2013-10-14 17:20:02
debian
debian
[SECURITY] [DSA 3006-1] xen security update
2014-08-18 12:41:33
osv
osv
xen - security update
2014-08-18 00:00:00
gentoo
gentoo
Xen: Multiple Vunlerabilities
2014-07-16 00:00:00
suse
suse
Security update for Xen (important)
2014-03-25 23:04:15
6.5 Medium
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:H/Au:S/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
26.7%
Related for DEBIANCVE:CVE-2013-4329