CVE-2013-4375

LOW

Description

The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before 4.3.1, and qemu 1.1 and other versions, allows local HVM guests to cause a denial of service (domain grant reference consumption) via unspecified vectors.

References

http://security.gentoo.org/glsa/glsa-201407-03.xml

http://www.openwall.com/lists/oss-security/2013/10/10/14

http://www.ubuntu.com/usn/USN-2092-1

http://xenproject.org/downloads/xen-archives/supported-xen-43-series/xen-431.html

Details

Source: MITRE

Published: 2014-01-19

Updated: 2017-01-07

Type: CWE-399

Risk Information

CVSS v2.0

Base Score: 2.7

Vector: AV:A/AC:L/Au:S/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 5.1

Severity: LOW

Tenable Plugins

View all (8 total)

IDNameProductFamilySeverity
83602SUSE SLED11 / SLES11 Security Update : Xen (SUSE-SU-2013:1774-1)NessusSuSE Local Security Checks
high
76544GLSA-201407-03 : Xen: Multiple VunlerabilitiesNessusGentoo Local Security Checks
high
74865openSUSE Security Update : xen (openSUSE-SU-2013:1953-1)NessusSuSE Local Security Checks
medium
72231Ubuntu 12.04 LTS / 12.10 / 13.10 : qemu, qemu-kvm vulnerabilities (USN-2092-1)NessusUbuntu Local Security Checks
medium
71562SuSE 11.3 Security Update : Xen (SAT Patch Number 8588)NessusSuSE Local Security Checks
high
70969SuSE 11.2 / 11.3 Security Update : Xen (SAT Patch Numbers 8478 / 8479)NessusSuSE Local Security Checks
high
70550Fedora 18 : xen-4.2.3-4.fc18 (2013-19053)NessusFedora Local Security Checks
medium
70549Fedora 19 : xen-4.2.3-4.fc19 (2013-19048)NessusFedora Local Security Checks
medium