CVE-2013-0153

Severity

47%

Complexity

34%

Confidentiality

115%

The AMD IOMMU support in Xen 4.2.x, 4.1.x, 3.3, and other versions, when using AMD-Vi for PCI passthrough, uses the same interrupt remapping table for the host and all guests, which allows guests to cause a denial of service by injecting an interrupt into other guests.

The AMD IOMMU support in Xen 4.2.x, 4.1.x, 3.3, and other versions, when using AMD-Vi for PCI passthrough, uses the same interrupt remapping table for the host and all guests, which allows guests to cause a denial of service by injecting an interrupt into other guests.

CVSS 2.0 Base Score 4.7. CVSS Attack Vector: local. CVSS Attack Complexity: medium. CVSS Vector: (AV:L/AC:M/Au:N/C:N/I:N/A:C).

Overview

Type

Xen

First reported 12 years ago

2013-02-14 22:55:00

Last updated 7 years ago

2017-08-29 01:32:00

Affected Software

Xen 4.2.0

4.2.0

Xen 4.2.1

4.2.1

Xen 4.1.0

4.1.0

Xen 4.1.1

4.1.1

Xen 4.1.2

4.1.2

Xen 4.1.3

4.1.3

Xen 4.1.4

4.1.4

Xen 3.3.0

3.3.0

References

SUSE-SU-2014:0446

openSUSE-SU-2013:0636

openSUSE-SU-2013:0637

openSUSE-SU-2013:0912

89867

RHSA-2013:0847

51881

Vendor Advisory

55082

GLSA-201309-24

DSA-2636

[oss-security] 20130205 Xen Security Advisory 36 (CVE-2013-0153) - interrupt remap entries shared and old ones not cleared on AMD IOMMUs

57745

xen-amdiommu-dos(81831)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.