CVE-2011-2901

Severity

55%

Complexity

51%

Confidentiality

115%

Off-by-one error in the __addr_ok macro in Xen 3.3 and earlier allows local 64 bit PV guest administrators to cause a denial of service (host crash) via unspecified hypercalls that ignore virtual-address bits.

Off-by-one error in the __addr_ok macro in Xen 3.3 and earlier allows local 64 bit PV guest administrators to cause a denial of service (host crash) via unspecified hypercalls that ignore virtual-address bits.

CVSS 2.0 Base Score 5.5. CVSS Attack Vector: adjacent_network. CVSS Attack Complexity: low. CVSS Vector: (AV:A/AC:L/Au:S/C:N/I:N/A:C).

Overview

First reported 11 years ago

2013-10-01 17:55:00

Last updated 11 years ago

2013-12-31 04:09:00

Affected Software

Xen Xen 3.0.2

3.0.2

Xen Xen 3.0.3

3.0.3

Xen Xen 3.0.4

3.0.4

Xen Xen 3.1.

3.1.3

Xen Xen 3.1.4

3.1.4

Xen Xen 3.2.0

3.2.0

Xen Xen 3.2.1

3.2.1

Xen Xen 3.2.2

3.2.2

Xen Xen 3.2.3

3.2.3

Xen

References

RHSA-2011:1212

55082

GLSA-201309-24

[oss-security] 20110902 Xen Security Advisory 4 (CVE-2011-2901) - Xen 3.3 vaddr validation

https://bugzilla.redhat.com/show_bug.cgi?id=728042

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.