Lucene search

K

[email protected]NVD:CVE-2013-1964

HistoryMay 21, 2013 - 6:55 p.m.

CVE-2013-1964

2013-05-2118:55:01

CWE-264

[email protected]

web.nvd.nist.gov

1

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.7%

Xen 4.0.x and 4.1.x incorrectly releases a grant reference when releasing a non-v1, non-transitive grant, which allows local guest administrators to cause a denial of service (host crash), obtain sensitive information, or possibly have other impacts via unspecified vectors.

Affected configurations

NVD

Node

xenxenMatch4.0.0

OR

xenxenMatch4.0.1

OR

xenxenMatch4.0.2

OR

xenxenMatch4.0.3

OR

xenxenMatch4.0.4

OR

xenxenMatch4.1.0

OR

xenxenMatch4.1.1

OR

xenxenMatch4.1.2

OR

xenxenMatch4.1.3

OR

xenxenMatch4.1.4

OR

xenxenMatch4.1.5

References

lists.fedoraproject.org/pipermail/package-announce/2013-May/104537.html

lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html

secunia.com/advisories/55082

security.gentoo.org/glsa/glsa-201309-24.xml

www.debian.org/security/2013/dsa-2666

www.openwall.com/lists/oss-security/2013/04/18/9

www.securityfocus.com/bid/59293

www.securitytracker.com/id/1028459

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.7%

Related for NVD:CVE-2013-1964

cvelist1 xen1 debiancve1 cve1 prion1 ubuntucve1 nessus9 openvas20 debian1 osv1 securityvulns2 suse2 fedora7 gentoo1