Lucene search

PRIOn knowledge basePRION:CVE-2013-1917

HistoryMay 13, 2013 - 11:55 p.m.

Information disclosure

2013-05-1323:55:00

PRIOn knowledge base

www.prio-n.com

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.7%

JSON

Xen 3.1 through 4.x, when running 64-bit hosts on Intel CPUs, does not clear the NT flag when using an IRET after a SYSENTER instruction, which allows PV guest users to cause a denial of service (hypervisor crash) by triggering a #GP fault, which is not properly handled by another IRET instruction.

CPENameOperatorVersion
xeneq3.2.0
xeneq3.2.1
xeneq4.2.2
xeneq3.4.0
xeneq4.0.4
xeneq4.0.2
xeneq3.3.2
xeneq4.1.2
xeneq3.2.2
xeneq3.4.4

Name	Operator	Version
xen	eq	3.2.0
xen	eq	3.2.1
xen	eq	4.2.2
xen	eq	3.4.0
xen	eq	4.0.4
xen	eq	4.0.2
xen	eq	3.3.2
xen	eq	4.1.2
xen	eq	3.2.2
xen	eq	3.4.4

Rows per page:

1-10 of 271

References

lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html

lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html

lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html

lists.opensuse.org/opensuse-updates/2013-06/msg00049.html

secunia.com/advisories/55082

security.gentoo.org/glsa/glsa-201309-24.xml

www.debian.org/security/2012/dsa-2662

www.openwall.com/lists/oss-security/2013/04/18/8

www.securitytracker.com/id/1028455

lists.fedoraproject.org/pipermail/package-announce/2013-May/104537.html