CVE-2013-0190medium
New! CVE Severity Now Using CVSS v3
The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
Description
The xen_failsafe_callback function in Xen for the Linux kernel 2.6.23 and other versions, when running a 32-bit PVOPS guest, allows local users to cause a denial of service (guest crash) by triggering an iret fault, leading to use of an incorrect stack pointer and stack corruption.
References
http://rhn.redhat.com/errata/RHSA-2013-0496.html
http://www.openwall.com/lists/oss-security/2013/01/16/6
http://www.openwall.com/lists/oss-security/2013/01/16/8
http://www.securityfocus.com/bid/57433
http://www.ubuntu.com/usn/USN-1725-1
Vulnerable Software
Configuration 1
OR
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions up to 2.6.23 (inclusive)
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 79501 | OracleVM 3.2 : kernel-uek (OVMSA-2013-0015) | Nessus | OracleVM Local Security Checks | medium |
| 79499 | OracleVM 3.1 : kernel-uek (OVMSA-2013-0010) | Nessus | OracleVM Local Security Checks | medium |
| 79497 | OracleVM 3.2 : kernel-uek (OVMSA-2013-0008) | Nessus | OracleVM Local Security Checks | medium |
| 69713 | Amazon Linux AMI : kernel / nvidia (ALAS-2013-154) | Nessus | Amazon Linux Local Security Checks | medium |
| 68855 | Oracle Linux 5 / 6 : Unbreakable Enterprise kernel Security (ELSA-2013-2525) | Nessus | Oracle Linux Local Security Checks | high |
| 68847 | Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2013-2507) | Nessus | Oracle Linux Local Security Checks | high |
| 68846 | Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2013-2504) | Nessus | Oracle Linux Local Security Checks | medium |
| 68845 | Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2013-2503) | Nessus | Oracle Linux Local Security Checks | medium |
| 68739 | Oracle Linux 6 : Oracle / Linux / 6 / kernel (ELSA-2013-0496) | Nessus | Oracle Linux Local Security Checks | medium |
| 65611 | Ubuntu 12.10 : linux vulnerabilities (USN-1769-1) | Nessus | Ubuntu Local Security Checks | medium |
| 65610 | Ubuntu 12.04 LTS : linux-lts-quantal vulnerabilities (USN-1768-1) | Nessus | Ubuntu Local Security Checks | medium |
| 65609 | Ubuntu 12.04 LTS : linux vulnerabilities (USN-1767-1) | Nessus | Ubuntu Local Security Checks | medium |
| 65171 | RHEL 6 : kernel (RHSA-2013:0496) | Nessus | Red Hat Local Security Checks | medium |
| 65134 | CentOS 6 : kernel (CESA-2013:0496) | Nessus | CentOS Local Security Checks | medium |
| 64681 | Ubuntu 10.04 LTS : linux-ec2 vulnerability (USN-1728-1) | Nessus | Ubuntu Local Security Checks | medium |
| 64640 | Ubuntu 10.04 LTS : linux vulnerability (USN-1725-1) | Nessus | Ubuntu Local Security Checks | medium |
| 64618 | Ubuntu 11.10 : linux vulnerabilities (USN-1720-1) | Nessus | Ubuntu Local Security Checks | medium |
| 64617 | Ubuntu 10.04 LTS : linux-lts-backport-oneiric vulnerabilities (USN-1719-1) | Nessus | Ubuntu Local Security Checks | medium |
| 64088 | Fedora 17 : kernel-3.7.3-101.fc17 (2013-1025) | Nessus | Fedora Local Security Checks | medium |
| 63625 | Fedora 18 : kernel-3.7.2-204.fc18 (2013-0952) | Nessus | Fedora Local Security Checks | medium |
| 801535 | CentOS RHSA-2013-0496 Security Check | Log Correlation Engine | Generic | high |