CVE-2011-2901

Advisory lineage Upstream: 0 Downstream: 2

Downstream

RHSA-2011:1212 RHSA-2011:1813

Modified

Published: 01 Oct 2013, 17:00

Last modified:06 Aug 2024, 23:15

Vulnerability Summary

Overall Risk (default)

low

22/100

CVSS Score

5.5 MEDIUM

v2.0 (nvd)

EPSS Score

0.12% LOW

0% probability 0.00%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

01 Oct 2013, 17:00

Published

Vulnerability first disclosed

06 Aug 2024, 23:15

Last Modified

Vulnerability information updated

Description

Off-by-one error in the __addr_ok macro in Xen 3.3 and earlier allows local 64 bit PV guest administrators to cause a denial of service (host crash) via unspecified hypercalls that ignore virtual-address bits.

CVSS Metrics

v2.0•MEDIUM•Score: 5.5AV:A/AC:L/Au:S/C:N/I:N/A:C

EPSS Trends

Current EPSS score: 0.12%• Percentile: 30%

Techniques & Countermeasures

CWE-399•Resource Management Errors
Weaknesses in this category are related to improper management of system resources.

Affected Systems

xen•xen
≤ 3.3.0 | 3.0.2 | 3.0.3 | 3.0.4 | 3.1.3 | 3.1.4 | 3.2.0 | 3.2.1 | 3.2.2 | 3.2.3