1. CVE-Search
  2. CVE-2011-2901
ID CVE-2011-2901
Summary Off-by-one error in the __addr_ok macro in Xen 3.3 and earlier allows local 64 bit PV guest administrators to cause a denial of service (host crash) via unspecified hypercalls that ignore virtual-address bits.
References
Vulnerable Configurations
  • cpe:2.3:o:xen:xen:3.2.0:*:*:*:*:*:*:*
    cpe:2.3:o:xen:xen:3.2.0:*:*:*:*:*:*:*
  • cpe:2.3:o:xen:xen:3.2.1:*:*:*:*:*:*:*
    cpe:2.3:o:xen:xen:3.2.1:*:*:*:*:*:*:*
  • cpe:2.3:o:xen:xen:3.0.4:*:*:*:*:*:*:*
    cpe:2.3:o:xen:xen:3.0.4:*:*:*:*:*:*:*
  • cpe:2.3:o:xen:xen:-:*:*:*:*:*:*:*
    cpe:2.3:o:xen:xen:-:*:*:*:*:*:*:*
  • cpe:2.3:o:xen:xen:3.0.2:*:*:*:*:*:*:*
    cpe:2.3:o:xen:xen:3.0.2:*:*:*:*:*:*:*
  • cpe:2.3:o:xen:xen:3.0.3:*:*:*:*:*:*:*
    cpe:2.3:o:xen:xen:3.0.3:*:*:*:*:*:*:*
  • cpe:2.3:o:xen:xen:3.1.3:*:*:*:*:*:*:*
    cpe:2.3:o:xen:xen:3.1.3:*:*:*:*:*:*:*
  • cpe:2.3:o:xen:xen:3.1.4:*:*:*:*:*:*:*
    cpe:2.3:o:xen:xen:3.1.4:*:*:*:*:*:*:*
  • cpe:2.3:o:xen:xen:3.2.0:*:*:*:*:*:x86:*
    cpe:2.3:o:xen:xen:3.2.0:*:*:*:*:*:x86:*
  • cpe:2.3:o:xen:xen:3.2.0:*:*:*:*:x86:*:*
    cpe:2.3:o:xen:xen:3.2.0:*:*:*:*:x86:*:*
  • cpe:2.3:o:xen:xen:3.2.2:*:*:*:*:*:*:*
    cpe:2.3:o:xen:xen:3.2.2:*:*:*:*:*:*:*
  • cpe:2.3:o:xen:xen:3.2.3:*:*:*:*:*:*:*
    cpe:2.3:o:xen:xen:3.2.3:*:*:*:*:*:*:*
CVSS
Base: 5.5 (as of 13-02-2023 - 04:31)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
ADJACENT_NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:A/AC:L/Au:S/C:N/I:N/A:C
redhat via4
advisories
bugzilla
id 728042
title CVE-2011-2901 kernel: xen: off-by-one shift in x86_64 __addr_ok()
oval
OR
  • comment Red Hat Enterprise Linux must be installed
    oval oval:com.redhat.rhba:tst:20070304026
  • AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhba:tst:20070331005
    • OR
      • comment kernel earlier than 0:2.6.18-274.3.1.el5 is currently running
        oval oval:com.redhat.rhsa:tst:20111212025
      • comment kernel earlier than 0:2.6.18-274.3.1.el5 is set to boot up on next boot
        oval oval:com.redhat.rhsa:tst:20111212026
    • OR
      • AND
        • comment kernel is earlier than 0:2.6.18-274.3.1.el5
          oval oval:com.redhat.rhsa:tst:20111212001
        • comment kernel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314002
      • AND
        • comment kernel-PAE is earlier than 0:2.6.18-274.3.1.el5
          oval oval:com.redhat.rhsa:tst:20111212003
        • comment kernel-PAE is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314004
      • AND
        • comment kernel-PAE-devel is earlier than 0:2.6.18-274.3.1.el5
          oval oval:com.redhat.rhsa:tst:20111212005
        • comment kernel-PAE-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314006
      • AND
        • comment kernel-debug is earlier than 0:2.6.18-274.3.1.el5
          oval oval:com.redhat.rhsa:tst:20111212007
        • comment kernel-debug is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314008
      • AND
        • comment kernel-debug-devel is earlier than 0:2.6.18-274.3.1.el5
          oval oval:com.redhat.rhsa:tst:20111212009
        • comment kernel-debug-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314010
      • AND
        • comment kernel-devel is earlier than 0:2.6.18-274.3.1.el5
          oval oval:com.redhat.rhsa:tst:20111212011
        • comment kernel-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314012
      • AND
        • comment kernel-doc is earlier than 0:2.6.18-274.3.1.el5
          oval oval:com.redhat.rhsa:tst:20111212013
        • comment kernel-doc is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314014
      • AND
        • comment kernel-headers is earlier than 0:2.6.18-274.3.1.el5
          oval oval:com.redhat.rhsa:tst:20111212015
        • comment kernel-headers is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314016
      • AND
        • comment kernel-kdump is earlier than 0:2.6.18-274.3.1.el5
          oval oval:com.redhat.rhsa:tst:20111212017
        • comment kernel-kdump is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314018
      • AND
        • comment kernel-kdump-devel is earlier than 0:2.6.18-274.3.1.el5
          oval oval:com.redhat.rhsa:tst:20111212019
        • comment kernel-kdump-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314020
      • AND
        • comment kernel-xen is earlier than 0:2.6.18-274.3.1.el5
          oval oval:com.redhat.rhsa:tst:20111212021
        • comment kernel-xen is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314022
      • AND
        • comment kernel-xen-devel is earlier than 0:2.6.18-274.3.1.el5
          oval oval:com.redhat.rhsa:tst:20111212023
        • comment kernel-xen-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314024
rhsa
id RHSA-2011:1212
released 2011-09-06
severity Important
title RHSA-2011:1212: kernel security and bug fix update (Important)
rpms
  • kernel-0:2.6.18-274.3.1.el5
  • kernel-PAE-0:2.6.18-274.3.1.el5
  • kernel-PAE-debuginfo-0:2.6.18-274.3.1.el5
  • kernel-PAE-devel-0:2.6.18-274.3.1.el5
  • kernel-debug-0:2.6.18-274.3.1.el5
  • kernel-debug-debuginfo-0:2.6.18-274.3.1.el5
  • kernel-debug-devel-0:2.6.18-274.3.1.el5
  • kernel-debuginfo-0:2.6.18-274.3.1.el5
  • kernel-debuginfo-common-0:2.6.18-274.3.1.el5
  • kernel-devel-0:2.6.18-274.3.1.el5
  • kernel-doc-0:2.6.18-274.3.1.el5
  • kernel-headers-0:2.6.18-274.3.1.el5
  • kernel-kdump-0:2.6.18-274.3.1.el5
  • kernel-kdump-debuginfo-0:2.6.18-274.3.1.el5
  • kernel-kdump-devel-0:2.6.18-274.3.1.el5
  • kernel-xen-0:2.6.18-274.3.1.el5
  • kernel-xen-debuginfo-0:2.6.18-274.3.1.el5
  • kernel-xen-devel-0:2.6.18-274.3.1.el5
  • kernel-0:2.6.18-238.31.1.el5
  • kernel-PAE-0:2.6.18-238.31.1.el5
  • kernel-PAE-debuginfo-0:2.6.18-238.31.1.el5
  • kernel-PAE-devel-0:2.6.18-238.31.1.el5
  • kernel-debug-0:2.6.18-238.31.1.el5
  • kernel-debug-debuginfo-0:2.6.18-238.31.1.el5
  • kernel-debug-devel-0:2.6.18-238.31.1.el5
  • kernel-debuginfo-0:2.6.18-238.31.1.el5
  • kernel-debuginfo-common-0:2.6.18-238.31.1.el5
  • kernel-devel-0:2.6.18-238.31.1.el5
  • kernel-doc-0:2.6.18-238.31.1.el5
  • kernel-headers-0:2.6.18-238.31.1.el5
  • kernel-kdump-0:2.6.18-238.31.1.el5
  • kernel-kdump-debuginfo-0:2.6.18-238.31.1.el5
  • kernel-kdump-devel-0:2.6.18-238.31.1.el5
  • kernel-xen-0:2.6.18-238.31.1.el5
  • kernel-xen-debuginfo-0:2.6.18-238.31.1.el5
  • kernel-xen-devel-0:2.6.18-238.31.1.el5
refmap via4
confirm https://bugzilla.redhat.com/show_bug.cgi?id=728042
gentoo GLSA-201309-24
mlist [oss-security] 20110902 Xen Security Advisory 4 (CVE-2011-2901) - Xen 3.3 vaddr validation
secunia 55082
Last major update 13-02-2023 - 04:31
Published 01-10-2013 - 17:55
Last modified 13-02-2023 - 04:31
Back to Top