Alpine: multiple xen packages: security update to 4.2.1-r6 (deprecated)

critical Tenable Cloud Security Plugin ID 401310

Description

There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:

- Xen 3.1 through 4.x, when running 64-bit hosts on Intel CPUs, does not clear the NT flag when using an
IRET after a SYSENTER instruction, which allows PV guest users to cause a denial of service (hypervisor
crash) by triggering a #GP fault, which is not properly handled by another IRET instruction.
(CVE-2013-1917)

- Xen 4.2.x and 4.1.x does not properly restrict access to IRQs, which allows local stub domain clients to
gain access to IRQs and cause a denial of service via vectors related to "passed-through IRQs or PCI
devices." (CVE-2013-1919)

- Xen 4.2.x, 4.1.x, and earlier, when the hypervisor is running "under memory pressure" and the Xen Security
Module (XSM) is enabled, uses the wrong ordering of operations when extending the per-domain event channel
tracking table, which causes a use-after-free and allows local guest kernels to inject arbitrary events
and gain privileges via unspecified vectors. (CVE-2013-1920)

- qemu-nbd in QEMU, as used in Xen 4.2.x, determines the format of a raw disk image based on the header,
which allows local guest OS administrators to read arbitrary files on the host by modifying the header to
identify a different format, which is used when the guest is restarted, a different vulnerability than
CVE-2008-2004. (CVE-2013-1922)

See Also

https://git.alpinelinux.org/aports/commit/?id=6665cdadf07a7dc49d8e128fc8cdd368751c2bef

https://git.alpinelinux.org/aports/commit/?id=9e64313ac0693f81fd4bc3c1b3a8949bdb99725a

Plugin Details

Severity: Critical

ID: 401310

Version: Revision 1.22

Type: Local

Published: 8/16/2023

Updated: 1/17/2024

Supported Sensors: Agentless Assessment, Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Medium

Score: 5.3

Percentile: 96.95

CVSS v2

Risk Factor: Medium

Base Score: 4.4

Temporal Score: 3.3

Vector: CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2013-1920

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS Score Source: CVE-2013-1922

Vulnerability Information

Exploit Ease: No known exploits are available

Patch Publication Date: 4/19/2013

Vulnerability Publication Date: 4/4/2013

Reference Information

CVE: CVE-2013-1917, CVE-2013-1919, CVE-2013-1920, CVE-2013-1922

BID: 58880, 59070, 59291, 59292

IAVB: 2013-B-0048-S