CVE-2011-1583

MEDIUM

Description

Multiple integer overflows in tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allow local users to cause a denial of service and possibly execute arbitrary code via a crafted paravirtualised guest kernel image that triggers (1) a buffer overflow during a decompression loop or (2) an out-of-bounds read in the loader involving unspecified length fields.

References

http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00483.html

http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00491.html

http://rhn.redhat.com/errata/RHSA-2011-0496.html

Details

Source: MITRE

Published: 2011-08-12

Updated: 2011-08-24

Type: CWE-189

Risk Information

CVSS v2.0

Base Score: 6.9

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 3.4

Severity: MEDIUM