PT-2013-4977 · Xen+1 · Xen+1
Matthew Daley
·
Publicado
2013-10-17
·
Atualizado
2017-08-29
·
CVE-2013-4369
CVSS v2.0
1.9
Baixa
| Vetor | AV:L/AC:M/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
Xen versions 4.2.x through 4.3.x
Description
The issue allows local users to cause a denial of service by exploiting a NULL pointer dereference in the
xlu vif parse rate function. This can be achieved by using the "@" character as the VIF rate configuration.Recommendations
For Xen versions 4.2.x through 4.3.x, consider restricting the use of the
xlu vif parse rate function until a patch is available to prevent the denial of service. Avoid using the "@" character in the VIF rate configuration to minimize the risk of exploitation.Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Suse
Xen