Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1952


Vulnerability Score 2.1 2.1
CVE Id CVE-2008-1952
Last Modified 21 Aug 2010 12:00:00
Published 23 Jun 2008 03:41:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE



The backend for XenSource Xen Para Virtualized Frame Buffer (PVFB) in Xen ioemu does not properly restrict the frame buffer size, which allows attackers to cause a denial of service (crash) by mapping an arbitrary amount of guest memory.

Vulnerable Systems


  • Xensource Xen Para Virtualized Frame Buffer



MLIST - [oss-security] 20080521 New Xen ioemu: PVFB backend issue

REDHAT - RHSA-2008:0892

XF - xen-pvfb-ioemu-dos(43362)

SECTRACK - 1020957

BID - 30646

SECUNIA - 32088

MLIST - [Xen-devel] 20080521 [PATCH] ioemu: Fix PVFB backend to limit frame buffer size

Last Updated: 27 May 2016 10:47:42