Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-0231

Overview

Vulnerability Score 4.9 4.9
CVE Id CVE-2013-0231
Last Modified 20 Jun 2013 11:15:40
Published 12 Feb 2013 08:55:03
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2013-0231

Summary

The pciback_enable_msi function in the PCI backend driver (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to cause a denial of service via a large number of kernel log messages. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Operating System

  • Linux Kernel 2.6.18

  • Linux Kernel 3.8

  • Xen 3.0.2

  • Xen 3.0.3

  • Xen 3.0.4

  • Xen 3.1.3

  • Xen 3.1.4

  • Xen 3.2.0

  • Xen 3.2.1

  • Xen 3.2.2

  • Xen 3.2.3


References

XF - xen-pcibackenablemsi-dos(81923)

BID - 57740

MLIST - [oss-security] 20130205 Xen Security Advisory 43 (CVE-2013-0231) - Linux pciback DoS via not rate limited log messages.

SECUNIA - 52059

OSVDB - 89903

DEBIAN - DSA-2632

SUSE - openSUSE-SU-2013:0395

SUSE - openSUSE-SU-2013:0925

SUSE - SUSE-SU-2013:0674


Last Updated: 27 May 2016 11:01:50