CVE-2013-2077

Advisory lineage Upstream: 0 Downstream: 3

Downstream

DEBIAN-CVE-2013-2077 DSA-3006-1 MGASA-2013-0197

Modified

Published: 28 Aug 2013, 17:00

Last modified:06 Aug 2024, 15:27

Vulnerability Summary

Overall Risk (default)

low

21/100

CVSS Score

5.2 MEDIUM

v2.0 (nvd)

EPSS Score

0.12% LOW

0% probability 0.00%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

28 Aug 2013, 17:00

Published

Vulnerability first disclosed

06 Aug 2024, 15:27

Last Modified

Vulnerability information updated

Description

Xen 4.0.x, 4.1.x, and 4.2.x does not properly restrict the contents of a XRSTOR, which allows local PV guest users to cause a denial of service (unhandled exception and hypervisor crash) via unspecified vectors.

CVSS Metrics

v2.0•MEDIUM•Score: 5.2AV:A/AC:M/Au:S/C:N/I:N/A:C

EPSS Trends

Current EPSS score: 0.12%• Percentile: 30%

Techniques & Countermeasures

CWE-264•Permissions, Privileges, and Access Controls
Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.

Affected Systems

xen•xen
4.0.0 | 4.0.1 | 4.0.2 | 4.0.3 | 4.0.4 | 4.1.0 | 4.1.1 | 4.1.2 | 4.1.3 | 4.1.4 | 4.1.5 | 4.2.0 | 4.2.1 | 4.2.2