CVE-2011-1936 : Xen, when using x86 Intel processors and the VMX virtualization extension is ena

Xen, when using x86 Intel processors and the VMX virtualization extension is enabled, does not properly handle cpuid instruction emulation when exiting the VM, which allows local guest users to cause a denial of service (guest crash) via unspecified vectors.

Published 2014-01-07 19:55:06

Updated 2014-02-25 14:10:58

Source Red Hat, Inc.

View at NVD, CVE.org

Vulnerability category: Denial of service

Products affected by CVE-2011-1936

XEN » XEN » Version: N/A
cpe:2.3:o:xen:xen:-:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2011-1936

EPSS FAQ

0.08%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 22 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2011-1936

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
4.6	MEDIUM	AV:A/AC:H/Au:N/C:N/I:N/A:C	3.2	6.9	NIST
Access Vector: Adjacent Network Access Complexity: High Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Complete

References for CVE-2011-1936

http://www.openwall.com/lists/oss-security/2011/07/07/3

oss-security - CVE-2011-1780, CVE-2011-1936, kernel/xen issues

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2011-0927.html

RHSA-2011:0927 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2011-1936

Products affected by CVE-2011-1936

Exploit prediction scoring system (EPSS) score for CVE-2011-1936

CVSS scores for CVE-2011-1936

References for CVE-2011-1936