Vulnerability Name: | CVE-2007-6207 (CCN-38839) | ||||||||||||||||
Assigned: | 2007-11-22 | ||||||||||||||||
Published: | 2007-11-22 | ||||||||||||||||
Updated: | 2017-09-29 | ||||||||||||||||
Summary: | Xen 3.x, possibly before 3.1.2, when running on IA64 systems, does not check the RID value for mov_to_rr, which allows a VTi domain to read memory of other domains. | ||||||||||||||||
CVSS v3 Severity: | 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
| ||||||||||||||||
CVSS v2 Severity: | 2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N) 1.6 Low (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
1.6 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
| ||||||||||||||||
Vulnerability Type: | CWE-noinfo CWE-20 | ||||||||||||||||
Vulnerability Consequences: | Obtain Information | ||||||||||||||||
References: | Source: MITRE Type: CNA CVE-2007-6207 Source: CCN Type: Xen-devel Mailing List, Wed, 14 Nov 2007 23:49:56 +0000 ANNOUNCE: Xen 3.1.2 released! Source: MISC Type: Patch http://lists.xensource.com/archives/html/xen-announce/2007-11/msg00000.html Source: MLIST Type: UNKNOWN 20071021 [Xen-ia64-devel] PATCH: check r2 value for VTi mov rr[r3]=r2 Source: OSVDB Type: UNKNOWN 41341 Source: CCN Type: RHSA-2008-0154 Important: kernel security and bug fix update Source: CCN Type: SA27915 Xen "mov_to_rr" Security Bypass Vulnerability Source: SECUNIA Type: UNKNOWN 27915 Source: SECUNIA Type: UNKNOWN 29236 Source: CCN Type: OSVDB ID: 41341 Xen mov_to_rr Cross-Domain Memory Disclosure Source: REDHAT Type: UNKNOWN RHSA-2008:0154 Source: BID Type: UNKNOWN 26716 Source: CCN Type: BID-26716 Xen mov_to_rr RID Local Security Bypass Vulnerability Source: CCN Type: Xen Web site Xen Source: XF Type: UNKNOWN xen-movtorr-information-disclosure(38839) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:9471 | ||||||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration RedHat 1: Configuration RedHat 2: Configuration RedHat 3: ![]() | ||||||||||||||||
Oval Definitions | |||||||||||||||||
| |||||||||||||||||
BACK |