CVE-2013-0153

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The AMD IOMMU support in Xen 4.2.x, 4.1.x, 3.3, and other versions, when using AMD-Vi for PCI passthrough, uses the same interrupt remapping table for the host and all guests, which allows guests to cause a denial of service by injecting an interrupt into other guests.

References

http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html

http://lists.opensuse.org/opensuse-updates/2013-04/msg00051.html

http://lists.opensuse.org/opensuse-updates/2013-04/msg00052.html

http://lists.opensuse.org/opensuse-updates/2013-06/msg00049.html

http://osvdb.org/89867

http://rhn.redhat.com/errata/RHSA-2013-0847.html

http://secunia.com/advisories/51881

http://secunia.com/advisories/55082

http://security.gentoo.org/glsa/glsa-201309-24.xml

http://www.debian.org/security/2013/dsa-2636

http://www.openwall.com/lists/oss-security/2013/02/05/7

http://www.securityfocus.com/bid/57745

https://exchange.xforce.ibmcloud.com/vulnerabilities/81831

Details

Source: MITRE

Published: 2013-02-14

Updated: 2017-08-29

Risk Information

CVSS v2

Base Score: 4.7

Vector: AV:L/AC:M/Au:N/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 3.4

Severity: MEDIUM

Tenable Plugins

View all (16 total)

IDNameProductFamilySeverity
84140OracleVM 3.2 : xen (OVMSA-2015-0068) (POODLE) (Venom)NessusOracleVM Local Security Checks
low
83616SUSE SLES11 Security Update : Xen (SUSE-SU-2014:0446-1)NessusSuSE Local Security Checks
high
79500OracleVM 3.2 : xen (OVMSA-2013-0011)NessusOracleVM Local Security Checks
medium
79498OracleVM 3.1 : xen (OVMSA-2013-0009)NessusOracleVM Local Security Checks
medium
74967openSUSE Security Update : xen (openSUSE-SU-2013:0637-1)NessusSuSE Local Security Checks
high
74966openSUSE Security Update : xen (openSUSE-SU-2013:0636-1)NessusSuSE Local Security Checks
high
70184GLSA-201309-24 : Xen: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
68826Oracle Linux 5 : kernel (ELSA-2013-0847)NessusOracle Linux Local Security Checks
medium
68825Oracle Linux 5 : kernel (ELSA-2013-0847-1)NessusOracle Linux Local Security Checks
medium
66551Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20130521)NessusScientific Linux Local Security Checks
medium
66536RHEL 5 : kernel (RHSA-2013:0847)NessusRed Hat Local Security Checks
medium
66528CentOS 5 : kernel (CESA-2013:0847)NessusCentOS Local Security Checks
medium
65797SuSE 11.2 Security Update : Xen (SAT Patch Number 7492)NessusSuSE Local Security Checks
high
64973Debian DSA-2636-2 : xen - several vulnerabilitiesNessusDebian Local Security Checks
medium
64678Fedora 18 : xen-4.2.1-7.fc18 (2013-2225)NessusFedora Local Security Checks
medium
64650Fedora 17 : xen-4.1.4-4.fc17 (2013-2002)NessusFedora Local Security Checks
medium