CVE-2013-2196 — XEN vulnerability

7 documents6 sources

Severity

6.9MEDIUMNVD

EPSS

0.0%

top 88.33%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

XEN Debian XEN

Timeline

PublishedAug 23

Latest updateMay 17

Description

Multiple unspecified vulnerabilities in the Elf parser (libelf) in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel, related to "other problems" that are not CVE-2013-2194 or CVE-2013-2195.

CVSS vector

AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0

Affected Packages3 packages

▶debiandebian/xen< xen 4.3.0-1 (bookworm)

▶Debianxen/xen< 4.3.0-1+3

▶NVDxen/xen4.2.2+2

Patches

Patch: support.citrix.com ↗Patch: support.citrix.com ↗

🔴Vulnerability Details

GHSA

GHSA-9cmh-g87c-qgh5: Multiple unspecified vulnerabilities in the Elf parser (libelf) in Xen 4↗2022-05-17

▶

OSV

CVE-2013-2196: Multiple unspecified vulnerabilities in the Elf parser (libelf) in Xen 4↗2013-08-23

▶

📋Vendor Advisories

Red Hat

xen: Multiple vulnerabilities in libelf PV kernel handling↗2013-06-03

▶

Debian

CVE-2013-2196: xen - Multiple unspecified vulnerabilities in the Elf parser (libelf) in Xen 4.2.x and...↗2013

▶

💬Community

Bugzilla

CVE-2013-2194 CVE-2013-2195 CVE-2013-2196 xen: Multiple vulnerabilities in libelf PV kernel handling [fedora-all]↗2013-06-04

▶

Bugzilla

CVE-2013-2194 CVE-2013-2195 CVE-2013-2196 xen: Multiple vulnerabilities in libelf PV kernel handling↗2013-06-04

▶