Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3131

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2011-3131
Last Modified 13 Dec 2012 12:00:00
Published 13 Dec 2012 06:53:33
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2011-3131

Summary

Xen 4.1.1 and earlier allows local guest OS kernels with control of a PCI[E] device to cause a denial of service (CPU consumption and host hang) via many crafted DMA requests that are denied by the IOMMU, which triggers a livelock.

Vulnerable Systems

Operating System

  • Xen 4.1.1


References

CONFIRM - http://xenbits.xen.org/hg/staging/xen-4.1-testing.hg/rev/84e3706df07a

BID - 49146

DEBIAN - DSA-2582

SECUNIA - 51468

SECUNIA - 45622

MLIST - [Xen-devel] 20110812 Xen Advisory 5 (CVE-2011-3131) IOMMU fault livelock

MLIST - [Xen-devel] 20110616 IOMMU faults

Related Patches

Novell SUSE 2011:5334 xen-201111 recommended update for SLE 11 SP1 i586

Novell SUSE 2011:5334 xen-201111 recommended update for SLE 11 SP1 x86_64

Novell SUSE 2011:7699 xen security update for SLE 10 SP4 i586


Last Updated: 27 May 2016 10:49:52