7.4 High
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:M/Au:S/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
26.7%
Xen 4.1.x and 4.2.x, when the XSA-45 patch is in place, does not properly
maintain references on pages stored for deferred cleanup, which allows
local PV guest kernels to cause a denial of service (premature page free
and hypervisor crash) or possibly gain privileges via unspecified vectors.
Author | Note |
---|---|
mdeslaur | hypervisor packages are in universe. For issues in the hypervisor, add appropriate tags to each section, ex: Tags_xen: universe-binary |
seth-arnold | Incomplete / incorrect fix for CVE-2013-1918 |
mdeslaur | This is XSA-58 4.1 and 4.2 only |