Xen 'hvm_do_hypercall()' Function Local Privilege Escalation Vulnerability

Bugtraq ID: 63931
Class: Design Error
CVE: CVE-2013-4554
Remote: No
Local: Yes
Published: Nov 26 2013 12:00AM
Updated: Apr 13 2015 10:02PM
Credit: Jan Beulich
Vulnerable: XenSource Xen 4.2.1
XenSource Xen 4.1.2
XenSource Xen 4.1.1
XenSource Xen 3.3
XenSource Xen 3.0.3
XenSource Xen 4.3
XenSource Xen 4.2
XenSource Xen 4.1
SuSE SUSE Linux Enterprise Server 11 SP2
+ Linux kernel 2.6.5
SuSE SUSE Linux Enterprise Server 11 SP1 LTSS
+ Linux kernel 2.6.5
+ Linux kernel 2.6.5
SuSE SUSE Linux Enterprise Server 10 SP4 LTSS
+ Linux kernel 2.6.5
SuSE SUSE Linux Enterprise Server 10 SP3 LTSS
+ Linux kernel 2.6.5
S.u.S.E. openSUSE 12.3
Redhat Enterprise Linux Desktop 5 client
Redhat Enterprise Linux 5 Server
Oracle Enterprise Linux 5
OpenVZ Project OpenVZ 028stab110.1
OpenVZ Project OpenVZ 028stab108.1
Gentoo Linux
Citrix XenServer 6.0.2 Common Criteria
Citrix XenServer 6.0.2
Citrix XenServer 6.2 Service Pack 1
Citrix XenServer 6.2
Citrix XenServer 6.1
Citrix XenServer 6.0
Citrix XenServer 5.6 SP2
Citrix XenServer 5.6 Feature Pack 1
Citrix XenServer 5.6
Citrix XenClient XT 3.1.4
Citrix XenClient XT 3.1.3
Citrix XenClient XT 3.0.0
CentOS CentOS 5
Not Vulnerable: OpenVZ Project OpenVZ 028stab112.3
Citrix XenClient XT 3.2


 

Privacy Statement
Copyright 2010, SecurityFocus