ID CVE-2013-0152
Summary Memory leak in Xen 4.2 and unstable allows local HVM guests to cause a denial of service (host memory consumption) by performing nested virtualization in a way that triggers errors that are not properly handled.
References
Vulnerable Configurations
  • cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*
    cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*
CVSS
Base: 4.7 (as of 11-10-2013 - 03:48)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
LOCAL MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:L/AC:M/Au:N/C:N/I:N/A:C
refmap via4
gentoo GLSA-201309-24
mlist [oss-security] 20130123 Xen Security Advisory 35 (CVE-2013-0152) - Nested HVM exposes host to being driven out of memory by guest
sectrack 1028032
secunia 55082
Last major update 11-10-2013 - 03:48
Published 13-02-2013 - 01:55
Back to Top