Xen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), and 4.3.x (possibly 4.3.1) does not properly prevent access to hypercalls, which allows local guest users to gain privileges via a crafted application running in ring 1 or 2.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Information
Published : 2013-12-24 11:55
Updated : 2017-01-06 18:59
NVD link : CVE-2013-4554
Mitre link : CVE-2013-4554
JSON object : View
CWE
CWE-264
Permissions, Privileges, and Access Controls
Products Affected
xen
- xen