Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-0153

Overview

Vulnerability Score 4.7 4.7
CVE Id CVE-2013-0153
Last Modified 19 Apr 2014 12:30:41
Published 14 Feb 2013 05:55:02
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2013-0153

Summary

The AMD IOMMU support in Xen 4.2.x, 4.1.x, 3.3, and other versions, when using AMD-Vi for PCI passthrough, uses the same interrupt remapping table for the host and all guests, which allows guests to cause a denial of service by injecting an interrupt into other guests.

Vulnerable Systems

Operating System

  • Xen 3.3.0

  • Xen 4.1.0

  • Xen 4.1.1

  • Xen 4.1.2

  • Xen 4.1.3

  • Xen 4.1.4

  • Xen 4.2.0

  • Xen 4.2.1


References

XF - xen-amdiommu-dos(81831)

BID - 57745

MLIST - [oss-security] 20130205 Xen Security Advisory 36 (CVE-2013-0153) - interrupt remap entries shared and old ones not cleared on AMD IOMMUs

SECUNIA - 51881

OSVDB - 89867

DEBIAN - DSA-2636

SUSE - openSUSE-SU-2013:0637

SUSE - openSUSE-SU-2013:0636

REDHAT - RHSA-2013:0847

SUSE - openSUSE-SU-2013:0912

GENTOO - GLSA-201309-24

SECUNIA - 55082

SUSE - SUSE-SU-2014:0446


Last Updated: 27 May 2016 11:01:53