CVE-2013-0190
Public on 2013-02-04
Modified on 2014-09-15
Description
The xen_failsafe_callback function in Xen for the Linux kernel 2.6.23 and other versions, when running a 32-bit PVOPS guest, allows local users to cause a denial of service (guest crash) by triggering an iret fault, leading to use of an incorrect stack pointer and stack corruption.
Severity
Medium
CVSS v3 Base Score
See breakdown
Affected Packages
| Platform | Package | Release Date | Advisory | Status |
|---|---|---|---|---|
| Amazon Linux 1 | kernel | 2013-02-04 | ALAS-2013-154 | Fixed |
| Amazon Linux 1 | nvidia | 2013-02-04 | ALAS-2013-154 | Fixed |
CVSS Scores
| Score Type | Score | Vector | |
|---|---|---|---|
| Amazon Linux | CVSSv2 | 4.0 | AV:L/AC:H/Au:N/C:N/I:N/A:C |
| NVD | CVSSv2 | 4.9 | AV:L/AC:L/Au:N/C:N/I:N/A:C |