CVE-2013-4370

The ocaml binding for the xc_vcpu_getaffinity function in Xen 4.2.x and 4.3.x frees certain memory that may still be intended for use, which allows local users to cause a denial of service (heap corruption and crash) and possibly execute arbitrary code via unspecified vectors that trigger a (1) use-after-free or (2) double free.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:o:xen:xen:4.2.3:*:*:*:*:*:*:*
cpe:2.3:o:xen:xen:4.3.0:*:*:*:*:*:*:*
cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*
cpe:2.3:o:xen:xen:4.2.1:*:*:*:*:*:*:*
cpe:2.3:o:xen:xen:4.2.2:*:*:*:*:*:*:*

Information

Published : 2013-10-17 16:55

Updated : 2017-01-06 18:59


NVD link : CVE-2013-4370

Mitre link : CVE-2013-4370


JSON object : View

CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Advertisement

dedicated server usa

Products Affected

xen

  • xen