SB2011081201 - Multiple vulnerabilities in Xen
Published: August 12, 2011 Updated: August 11, 2020
Description
This security bulletin contains information about 3 security vulnerabilities.
1) Resource management error (CVE-ID: CVE-2011-3262)
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allows local users to cause a denial of service (management software infinite loop and management domain resource consumption) via unspecified vectors related to "Lack of error checking in the decompression loop."
2) Input validation error (CVE-ID: CVE-2011-1583)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
Multiple integer overflows in tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allow local users to cause a denial of service and possibly execute arbitrary code via a crafted paravirtualised guest kernel image that triggers (1) a buffer overflow during a decompression loop or (2) an out-of-bounds read in the loader involving unspecified length fields.
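Items 1 and 2 both describe defects in a loop that decompresses a guest kernel image into a growing buffer. The following C example is added here and is not Xen's code or the vendor's fix; it shows the checks those descriptions name as missing. The toy run-length decoder `step`, the `load_image` function and the `MAX_OUT` limit are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdlib.h>

#define MAX_OUT ((size_t)1 << 20)   /* assumed upper bound on decompressed size */
enum { ST_OK, ST_END, ST_ERR };

/* Toy run-length decoder standing in for a real decompressor: input is
 * (count, byte) pairs and a zero count ends the stream. */
struct stream { const uint8_t *in; size_t in_len, in_pos; uint8_t run, val; };

static int step(struct stream *s, uint8_t *out, size_t avail, size_t *wrote)
{
    *wrote = 0;
    for (;;) {
        while (s->run && *wrote < avail) { out[(*wrote)++] = s->val; s->run--; }
        if (s->run) return ST_OK;                    /* output space exhausted */
        if (s->in_pos == s->in_len) return ST_ERR;   /* input ended, no terminator */
        s->run = s->in[s->in_pos++];
        if (s->run == 0) return ST_END;
        if (s->in_pos == s->in_len) return ST_ERR;   /* count without its byte */
        s->val = s->in[s->in_pos++];
    }
}

/* Hardened loader loop. Returns 0 and sets *out, *out_len; -1 on any failure. */
int load_image(const uint8_t *in, size_t in_len, uint8_t **out, size_t *out_len)
{
    struct stream s = { in, in_len, 0, 0, 0 };
    size_t cap = 16, used = 0, wrote;
    uint8_t *buf = malloc(cap), *tmp;
    if (!buf) return -1;
    for (;;) {
        int rc = step(&s, buf + used, cap - used, &wrote);
        used += wrote;
        if (rc == ST_END) break;
        if (rc != ST_OK) goto fail;        /* decoder error must end the loop */
        if (cap > MAX_OUT / 2) goto fail;  /* doubling can neither wrap nor pass the cap */
        cap *= 2;
        tmp = realloc(buf, cap);
        if (!tmp) goto fail;               /* allocation failure is handled, not ignored */
        buf = tmp;
    }
    *out = buf; *out_len = used;
    return 0;
fail:
    free(buf);
    return -1;
}
```

A loop that treats every non-terminal return as "need more space" keeps growing the buffer on corrupt input, and an unchecked `cap *= 2` eventually wraps; the three `goto fail` checks close both paths.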
3) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2011-1898)
The vulnerability allows a remote attacker to execute arbitrary code.
Xen 4.1 before 4.1.1 and 4.0 before 4.0.2, when using PCI passthrough on Intel VT-d chipsets that do not have interrupt remapping, allows guest OS users to gain host OS privileges by "using DMA to generate MSI interrupts by writing to the interrupt injection registers."
Remediation
Install update from vendor's website.
References
- http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00483.html
- http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00491.html
- http://secunia.com/advisories/55082
- http://security.gentoo.org/glsa/glsa-201309-24.xml
- https://exchange.xforce.ibmcloud.com/vulnerabilities/69381
- http://rhn.redhat.com/errata/RHSA-2011-0496.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-June/062112.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-June/062139.html
- http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00017.html
- http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00018.html
- http://theinvisiblethings.blogspot.com/2011/05/following-white-rabbit-software-attacks.html
- http://www.invisiblethingslab.com/resources/2011/Software%20Attacks%20on%20Intel%20VT-d.pdf
- http://xen.1045712.n5.nabble.com/Xen-security-advisory-CVE-2011-1898-VT-d-PCI-passthrough-MSI-td4390298.html
- http://xen.org/download/index_4.0.2.html