QwikSec

Security Database

CVE

CWE

Training

CVE-2013-0215

Published: Mar 7, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

oxenstored in Xen 4.1.x, Xen 4.2.x, and xen-unstable does not properly consider the state of the Xenstore ring during read operations, which allows guest OS users to cause a denial of service (daemon crash and host-control outage, or memory consumption) or obtain sensitive control-plane data by leveraging guest administrative access.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

third-party-advisory

x_refsource_SECUNIA

http://xenbits.xen.org/gitweb/?p=xen.git%3Ba=commit%3Bh=40f9c5e0a6d15b4ca1f6d4ed3a46f0871520eab5

x_refsource_CONFIRM

vendor-advisory

x_refsource_GENTOO

[oss-security] 20130205 Xen Security Advisory 38 (CVE-2013-0215) - oxenstored incorrect handling of certain Xenbus ring states

mailing-list

x_refsource_MLIST

http://xenbits.xen.org/gitweb/?p=xen.git%3Ba=commit%3Bh=61401264eb00fae4ee4efc8e9a5067449283207b

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.