ID |
CVE-2011-1583
|
Summary |
Multiple integer overflows in tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allow local users to cause a denial of service and possibly execute arbitrary code via a crafted paravirtualised guest kernel image that triggers (1) a buffer overflow during a decompression loop or (2) an out-of-bounds read in the loader involving unspecified length fields. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:citrix:xen:3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xen:3.2.0:*:*:*:*:*:*:*
-
cpe:2.3:a:citrix:xen:3.3.0:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xen:3.3.0:*:*:*:*:*:*:*
-
cpe:2.3:a:citrix:xen:4.0.0:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xen:4.0.0:*:*:*:*:*:*:*
-
cpe:2.3:a:citrix:xen:4.1.0:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xen:4.1.0:*:*:*:*:*:*:*
|
CVSS |
Base: | 6.9 (as of 24-08-2011 - 03:17) |
Impact: | |
Exploitability: | |
|
CWE |
CWE-189 |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
LOCAL |
MEDIUM |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
COMPLETE |
COMPLETE |
COMPLETE |
|
cvss-vector
via4
|
AV:L/AC:M/Au:N/C:C/I:C/A:C
|
redhat
via4
|
advisories | | rpms | - xen-0:3.0.3-120.el5_6.2
- xen-debuginfo-0:3.0.3-120.el5_6.2
- xen-devel-0:3.0.3-120.el5_6.2
- xen-libs-0:3.0.3-120.el5_6.2
|
|
refmap
via4
|
mlist | - [Xen-devel] 20110509 Re: Xen security advisory CVE-2011-1583 - pv kernel image validation
- [Xen-devel] 20110509 Xen security advisory CVE-2011-1583 - pv kernel image validation
|
|
Last major update |
24-08-2011 - 03:17 |
Published |
12-08-2011 - 18:55 |
Last modified |
24-08-2011 - 03:17 |