fkie_cve-2013-0231
Vulnerability from fkie_nvd
Published
2013-02-13 01:55
Modified
2025-04-11 00:51
Severity ?
Summary
The pciback_enable_msi function in the PCI backend driver (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to cause a denial of service via a large number of kernel log messages. NOTE: some of these details are obtained from third party information.
References
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2013-03/msg00004.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2013-04/msg00018.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html
secalert@redhat.comhttp://osvdb.org/89903
secalert@redhat.comhttp://secunia.com/advisories/52059Vendor Advisory
secalert@redhat.comhttp://www.debian.org/security/2013/dsa-2632
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2013/02/05/9
secalert@redhat.comhttp://www.securityfocus.com/bid/57740
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/81923
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00004.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00018.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/89903
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/52059Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2013/dsa-2632
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2013/02/05/9
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/57740
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/81923
Impacted products
Vendor Product Version
linux linux_kernel 2.6.18
linux linux_kernel 3.8
xen xen 3.0.2
xen xen 3.0.3
xen xen 3.0.4
xen xen 3.1.3
xen xen 3.1.4
xen xen 3.2.0
xen xen 3.2.1
xen xen 3.2.2
xen xen 3.2.3


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "C06F0037-DE20-4B4A-977F-BFCFAB026517",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "98AE0611-612F-4BF1-9ED7-3C3B88872ABF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:xen:xen:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D62197-4FF7-4B73-8DC6-6E9344AF7CAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:xen:xen:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "44CAE6A7-9817-472C-B1C6-3FF196304D08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:xen:xen:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E96BB7DE-0A6A-4418-A879-159F5FF88615",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:xen:xen:3.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7568820A-ED66-47DF-A9B0-27A474D6C2C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:xen:xen:3.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D8C046D-BE62-43BA-9F50-B4D383475EA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:xen:xen:3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B81B6EEB-D01E-432D-AEBF-707409741C0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:xen:xen:3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A4B60DE-A8C0-459E-A99C-6EF0D3264B75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:xen:xen:3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A83F4F7E-53CF-4066-857B-2154D25979D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:xen:xen:3.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "048E790E-B0A1-4504-9299-0B6D9CB0C509",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The pciback_enable_msi function in the PCI backend driver (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to cause a denial of service via a large number of kernel log messages. NOTE: some of these details are obtained from third party information."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n pciback_enable_msi en el controlador PCI backend (drivers/xen/pciback/conf_space_capability_msi.c) en Xen para Linux kernel v2.6.18 y v3.8, permite que los usuarios de los sistemas operativos hu\u00e9sped (guest) puedan provocar una denegaci\u00f3n de servicio a trav\u00e9s de un n\u00famero elevado de mensajes de log del kernel. NOTA: algunos de estos detalles han sido obtenidos a partir de informaci\u00f3n de terceros."
    }
  ],
  "id": "CVE-2013-0231",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 4.9,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-02-13T01:55:03.497",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00004.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00018.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://osvdb.org/89903"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/52059"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2013/dsa-2632"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2013/02/05/9"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/57740"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81923"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00018.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/89903"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/52059"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2013/dsa-2632"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2013/02/05/9"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/57740"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81923"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.