Lucene search

PRIOn knowledge basePRION:CVE-2013-4554

HistoryDec 24, 2013 - 7:55 p.m.

Code injection

2013-12-2419:55:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

26.7%

JSON

Xen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), and 4.3.x (possibly 4.3.1) does not properly prevent access to hypercalls, which allows local guest users to gain privileges via a crafted application running in ring 1 or 2.

CPENameOperatorVersion
xeneq3.2.0
xeneq4.1.5
xeneq3.2.1
xeneq3.0.4
xeneq3.4.0
xeneq4.0.4
xeneq4.0.2
xeneq3.3.2
xeneq4.1.2
xeneq3.2.2

Name	Operator	Version
xen	eq	3.2.0
xen	eq	4.1.5
xen	eq	3.2.1
xen	eq	3.0.4
xen	eq	3.4.0
xen	eq	4.0.4
xen	eq	4.0.2
xen	eq	3.3.2
xen	eq	4.1.2
xen	eq	3.2.2

Rows per page:

1-10 of 341

References

lists.opensuse.org/opensuse-security-announce/2014-03/msg00010.html

lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html

lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html

lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html

lists.opensuse.org/opensuse-updates/2013-12/msg00059.html

rhn.redhat.com/errata/RHSA-2014-0285.html

security.gentoo.org/glsa/glsa-201407-03.xml

www.openwall.com/lists/oss-security/2013/11/26/9