CVE-2013-6400

Xen 4.2.x and 4.3.x, when using Intel VT-d and a PCI device has been assigned, does not clear the flag that suppresses IOMMU TLB flushes when unspecified errors occur, which causes the TLB entries to not be flushed and allows local guest administrators to cause a denial of service (host crash) or gain privileges via unspecified vectors.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:A/AC:H/Au:N/C:C/I:C/A:C

Exploitability : 3.2 / Impact : 10.0

Access Vector ADJACENT_NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/125081.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/125111.html
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00011.html
http://lists.xen.org/archives/html/xen-announce/2013-12/msg00002.html
http://secunia.com/advisories/55932	Vendor Advisory
http://security.gentoo.org/glsa/glsa-201407-03.xml
http://www.openwall.com/lists/oss-security/2013/12/10/7
http://www.securitytracker.com/id/1029468
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/125081.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/125111.html
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00011.html
http://lists.xen.org/archives/html/xen-announce/2013-12/msg00002.html
http://secunia.com/advisories/55932	Vendor Advisory
http://security.gentoo.org/glsa/glsa-201407-03.xml
http://www.openwall.com/lists/oss-security/2013/12/10/7
http://www.securitytracker.com/id/1029468

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:xen:xen:4.2.0:::::::*
	cpe:2.3:o:xen:xen:4.2.1:::::::*
	cpe:2.3:o:xen:xen:4.2.2:::::::*
	cpe:2.3:o:xen:xen:4.2.3:::::::*
	cpe:2.3:o:xen:xen:4.3.0:::::::*
	cpe:2.3:o:xen:xen:4.3.1:::::::*

History

21 Nov 2024, 01:59

Type	Values Removed	Values Added
References	~~() http://lists.fedoraproject.org/pipermail/package-announce/2013-December/125081.html -~~	() http://lists.fedoraproject.org/pipermail/package-announce/2013-December/125081.html -
References	~~() http://lists.fedoraproject.org/pipermail/package-announce/2013-December/125111.html -~~	() http://lists.fedoraproject.org/pipermail/package-announce/2013-December/125111.html -
References	~~() http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00011.html -~~	() http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00011.html -
References	~~() http://lists.xen.org/archives/html/xen-announce/2013-12/msg00002.html -~~	() http://lists.xen.org/archives/html/xen-announce/2013-12/msg00002.html -
References	~~() http://secunia.com/advisories/55932 - Vendor Advisory~~	() http://secunia.com/advisories/55932 - Vendor Advisory
References	~~() http://security.gentoo.org/glsa/glsa-201407-03.xml -~~	() http://security.gentoo.org/glsa/glsa-201407-03.xml -
References	~~() http://www.openwall.com/lists/oss-security/2013/12/10/7 -~~	() http://www.openwall.com/lists/oss-security/2013/12/10/7 -
References	~~() http://www.securitytracker.com/id/1029468 -~~	() http://www.securitytracker.com/id/1029468 -

Information

Published : 2013-12-13 18:55

Updated : 2025-04-11 00:51

NVD link : CVE-2013-6400

Mitre link : CVE-2013-6400

CVE.ORG link : CVE-2013-6400

JSON object : View

Products Affected

xen

CWE

CWE-264

Permissions, Privileges, and Access Controls

{"id": "CVE-2013-6400", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:H/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "HIGH", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.2, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-12-13T18:55:05.317", "references": [{"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/125081.html", "source": "secalert@redhat.com"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/125111.html", "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00011.html", "source": "secalert@redhat.com"}, {"url": "http://lists.xen.org/archives/html/xen-announce/2013-12/msg00002.html", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/55932", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://security.gentoo.org/glsa/glsa-201407-03.xml", "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2013/12/10/7", "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id/1029468", "source": "secalert@redhat.com"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/125081.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/125111.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00011.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.xen.org/archives/html/xen-announce/2013-12/msg00002.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/55932", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://security.gentoo.org/glsa/glsa-201407-03.xml", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.openwall.com/lists/oss-security/2013/12/10/7", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1029468", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "Xen 4.2.x and 4.3.x, when using Intel VT-d and a PCI device has been assigned, does not clear the flag that suppresses IOMMU TLB flushes when unspecified errors occur, which causes the TLB entries to not be flushed and allows local guest administrators to cause a denial of service (host crash) or gain privileges via unspecified vectors."}, {"lang": "es", "value": "En Xen 4.2.x y 4.3.x, al utilizar Intel VT-d y un dispositivo PCI asignado, no borra el indicador que suprime vocados de IOMMU TLB cuando se producen errores no especificados, que hace que entradas de la TLB no sean eliminadas y permite a los locales administradores de invitados para causar una denegaci\u00f3n de servicio (ca\u00edda de host) o ganar privilegios a trav\u00e9s de vectores no especificados."}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F0AF8EF-6FF6-4E22-B16E-82C9F90C6B00"}, {"criteria": "cpe:2.3:o:xen:xen:4.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "47640819-FC43-49ED-8A77-728C3D7255B3"}, {"criteria": "cpe:2.3:o:xen:xen:4.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2448537F-87AD-45C1-9FB0-7A49CA31BD76"}, {"criteria": "cpe:2.3:o:xen:xen:4.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E36B2265-70E1-413B-A7CF-79D39E9ADCFB"}, {"criteria": "cpe:2.3:o:xen:xen:4.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF948E6A-07BE-4C7D-8A98-002E89D35F4D"}, {"criteria": "cpe:2.3:o:xen:xen:4.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0E23B94-1726-4F63-84BB-8D83FAB156D7"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}

6.8 /10