CVE-2013-4371 (GCVE-0-2013-4371)

Vulnerability from cvelistv5 – Published: 2013-10-17 23:00 – Updated: 2024-08-06 16:38
VLAI?
Summary
Use-after-free vulnerability in the libxl_list_cpupool function in the libxl toolstack library in Xen 4.2.x and 4.3.x, when running "under memory pressure," returns the original pointer when the realloc function fails, which allows local users to cause a denial of service (heap corruption and crash) and possibly execute arbitrary code via unspecified vectors.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T16:38:02.180Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-201407-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201407-03.xml"
          },
          {
            "name": "[oss-security] 20131010 Xen Security Advisory 70 (CVE-2013-4371) - use-after-free in  libxl_list_cpupool under memory pressure",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2013/10/10/12"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-10-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Use-after-free vulnerability in the libxl_list_cpupool function in the libxl toolstack library in Xen 4.2.x and 4.3.x, when running \"under memory pressure,\" returns the original pointer when the realloc function fails, which allows local users to cause a denial of service (heap corruption and crash) and possibly execute arbitrary code via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-01-04T17:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "GLSA-201407-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201407-03.xml"
        },
        {
          "name": "[oss-security] 20131010 Xen Security Advisory 70 (CVE-2013-4371) - use-after-free in  libxl_list_cpupool under memory pressure",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2013/10/10/12"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2013-4371",
    "datePublished": "2013-10-17T23:00:00",
    "dateReserved": "2013-06-12T00:00:00",
    "dateUpdated": "2024-08-06T16:38:02.180Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8F0AF8EF-6FF6-4E22-B16E-82C9F90C6B00\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"47640819-FC43-49ED-8A77-728C3D7255B3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2448537F-87AD-45C1-9FB0-7A49CA31BD76\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E36B2265-70E1-413B-A7CF-79D39E9ADCFB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BF948E6A-07BE-4C7D-8A98-002E89D35F4D\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Use-after-free vulnerability in the libxl_list_cpupool function in the libxl toolstack library in Xen 4.2.x and 4.3.x, when running \\\"under memory pressure,\\\" returns the original pointer when the realloc function fails, which allows local users to cause a denial of service (heap corruption and crash) and possibly execute arbitrary code via unspecified vectors.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad de uso despu\\u00e9s de liberaci\\u00f3n en la funci\\u00f3n libxl_list_cpupool de la librer\\u00eda toolstack LibXL en Xen 4.2.x y 4.3.x, cuando se ejecuta \\\"bajo presi\\u00f3n de memoria\\\", devuelve el puntero original cuando la funci\\u00f3n realloc falla, lo que permite a usuarios locales provocar una denegaci\\u00f3n de servicio (corrupci\\u00f3n de heap y  ca\\u00edda) y posiblemente ejecutar c\\u00f3digo arbitrario a trav\\u00e9s de vectores no especificados.\"}]",
      "id": "CVE-2013-4371",
      "lastModified": "2024-11-21T01:55:26.580",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 4.4, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.4, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2013-10-17T23:55:04.547",
      "references": "[{\"url\": \"http://security.gentoo.org/glsa/glsa-201407-03.xml\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2013/10/10/12\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://security.gentoo.org/glsa/glsa-201407-03.xml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2013/10/10/12\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "secalert@redhat.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-399\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2013-4371\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2013-10-17T23:55:04.547\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Use-after-free vulnerability in the libxl_list_cpupool function in the libxl toolstack library in Xen 4.2.x and 4.3.x, when running \\\"under memory pressure,\\\" returns the original pointer when the realloc function fails, which allows local users to cause a denial of service (heap corruption and crash) and possibly execute arbitrary code via unspecified vectors.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n en la funci\u00f3n libxl_list_cpupool de la librer\u00eda toolstack LibXL en Xen 4.2.x y 4.3.x, cuando se ejecuta \\\"bajo presi\u00f3n de memoria\\\", devuelve el puntero original cuando la funci\u00f3n realloc falla, lo que permite a usuarios locales provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de heap y  ca\u00edda) y posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":4.4,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-399\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F0AF8EF-6FF6-4E22-B16E-82C9F90C6B00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47640819-FC43-49ED-8A77-728C3D7255B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2448537F-87AD-45C1-9FB0-7A49CA31BD76\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E36B2265-70E1-413B-A7CF-79D39E9ADCFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF948E6A-07BE-4C7D-8A98-002E89D35F4D\"}]}]}],\"references\":[{\"url\":\"http://security.gentoo.org/glsa/glsa-201407-03.xml\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2013/10/10/12\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-201407-03.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2013/10/10/12\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.