PT-2013-2137 · Xen+1 · Xen+1

Published

2013-01-12

Updated

2017-08-29

CVE-2013-0154

CVSS v2.0

1.9

Low

Vector

AV:L/AC:M/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Xen version 4.2

Description The issue is related to the get page type function in Xen, which can cause a denial of service when debugging is enabled. This can lead to an assertion failure and hypervisor crash. The issue is exploited via unspecified vectors related to a hypercall.

Recommendations For Xen version 4.2, consider disabling the debugging feature to prevent the denial of service. As a temporary workaround, restrict access to the get page type function until a patch is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2013-0154

Affected Products

Suse

Xen

PT-2013-2137 · Xen+1 · Xen+1

CVE-2013-0154

Related Identifiers

Affected Products

References · 12