CVE-2011-3262
Published: 2011-08-19
Priority: P43 low
CVSS 2.0: 2.1 (AV:L/AC:L/Au:N/C:N/I:N/A:P)
EPSS: 0.33% (25.2th percentile)
tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allows local users to cause a denial of service (management software infinite loop and management domain resource consumption) via unspecified vectors related to "Lack of error checking in the decompression loop."
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| citrix | xen | — | — |
| citrix | xen | — | — |
| citrix | xen | — | — |
| citrix | xen | — | — |
| debian | xen | < xen 4.1.1-1 (bookworm) | xen 4.1.1-1 (bookworm) |
| xen | xen | >= 0 < 4.1.1-1 | 4.1.1-1 |
| xen | xen | >= 0 < 4.1.1-1 | 4.1.1-1 |
| xen | xen | >= 0 < 4.1.1-1 | 4.1.1-1 |
| xen | xen | >= 0 < 4.1.1-1 | 4.1.1-1 |
CVSS provenance
nvd: v2.0, 2.1 LOW, AV:L/AC:L/Au:N/C:N/I:N/A:P
osv: 2.1 LOW
vendor_debian: 2.1 LOW
vendor_redhat: 2.1 LOW
Red Hat
xen: insufficiencies in pv kernel image validation
vendor_redhat·2011-05-09·CVSS 2.1
Statement: This issue did not affect the versions of the Xen package as shipped with Red Hat Enterprise Linux 4 and 6. This has been addressed in Red Hat Enterprise Linux 5 via https://rhn.redhat.com/errata/RHSA-2011-0496.html.
Debian
CVE-2011-3262: xen - tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allows local us...
vendor_debian·2011·CVSS 2.1
Scope: local
bookworm: resolved (fixed in 4.1.1-1)
bullseye: resolved (fixed in 4.1.1-1)
forky: resolved (fixed in 4.1.1-1)
sid: resolved (fixed in 4.1.1-1)
trixie: resolved (fixed in 4.1.1-1)
GHSA
GHSA-h3q2-c8qw-f4hc: tools/libxc/xc_dom_bzimageloader
ghsa_unreviewed·2022-05-17
OSV
CVE-2011-3262: tools/libxc/xc_dom_bzimageloader
osv·2011-08-19·CVSS 2.1
No detection rules found.
No public exploits indexed.
References
http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00483.html
http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00491.html
http://secunia.com/advisories/55082
http://security.gentoo.org/glsa/glsa-201309-24.xml
https://exchange.xforce.ibmcloud.com/vulnerabilities/69381
Published: 2011-08-19