4.6
CVE-2013-0151
- EPSS 0.6%
- Veröffentlicht 07.03.2013 05:04:42
- Zuletzt bearbeitet 29.04.2026 01:13:23
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
The do_hvm_op function in xen/arch/x86/hvm/hvm.c in Xen 4.2.x on the x86_32 platform does not prevent HVM_PARAM_NESTEDHVM (aka nested virtualization) operations, which allows guest OS users to cause a denial of service (long-duration page mappings and host OS crash) by leveraging administrative access to an HVM guest in a domain with a large number of VCPUs.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.6% | 0.441 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.6 | 3.2 | 6.9 |
AV:A/AC:H/Au:N/C:N/I:N/A:C
|
http://secunia.com/advisories/55082
http://security.gentoo.org/glsa/glsa-201309-24.xml
http://openwall.com/lists/oss-security/2013/01/22/10
http://xenbits.xen.org/gitweb/?p=xen.git%3Ba=commit%3Bh=d60d7082289a74e44b3dc8f67df46c3404ca08bf