Vulnerability CVE-2011-1583

Vulnerability Name:

CVE-2011-1583 (CCN-67366)

Assigned:

2011-05-09

Published:

2011-05-09

Updated:

2011-08-24

Summary:

Multiple integer overflows in tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allow local users to cause a denial of service and possibly execute arbitrary code via a crafted paravirtualised guest kernel image that triggers (1) a buffer overflow during a decompression loop or (2) an out-of-bounds read in the loader involving unspecified length fields.

CVSS v3 Severity:

7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): High Privileges Required (PR): Low User Interaction (UI): Required
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

6.9 Medium (CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C)
5.1 Medium (Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

6.6 Medium (CCN CVSS v2 Vector: AV:L/AC:M/Au:S/C:C/I:C/A:C)
4.9 Medium (CCN Temporal CVSS v2 Vector: AV:L/AC:M/Au:S/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Medium Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

6.0 Medium (REDHAT CVSS v2 Vector: AV:L/AC:H/Au:S/C:C/I:C/A:C)
4.5 Medium (REDHAT Temporal CVSS v2 Vector: AV:L/AC:H/Au:S/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): High Authentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

CWE-189

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2011-1583

Source: CCN
Type: XenSource Web site
Xen

Source: MLIST
Type: Patch, Vendor Advisory
[Xen-devel] 20110509 Xen security advisory CVE-2011-1583 - pv kernel image validation

Source: MLIST
Type: Patch
[Xen-devel] 20110509 Re: Xen security advisory CVE-2011-1583 - pv kernel image validation

Source: CCN
Type: RHSA-2011-0496
Important: xen security update

Source: REDHAT
Type: UNKNOWN
RHSA-2011:0496

Source: CCN
Type: SA44502
Xen PV Kernel Decompression Multiple Vulnerabilities

Source: CCN
Type: SA45880
Citrix XenServer Multiple Vulnerabilities

Source: CCN
Type: CTX130325
Citrix XenServer Multiple Security Updates

Source: DEBIAN
Type: DSA-2337
xen -- several vulnerabilities

Source: CCN
Type: BID-47779
Xen Multiple Buffer Overflow and Integer Overflow Vulnerabilities

Source: CCN
Type: Red Hat Bugzilla Bug 696927
CVE-2011-1583) CVE-2011-1583 xen: insufficiencies in pv kernel image validation

Source: XF
Type: UNKNOWN
xen-cve20111583-bo(67366)

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2011-1583

Vulnerable Configuration:

Configuration 1:

cpe:/a:citrix:xen:3.2.0:*:*:*:*:*:*:*

OR cpe:/a:citrix:xen:3.3.0:*:*:*:*:*:*:*

OR cpe:/a:citrix:xen:4.0.0:*:*:*:*:*:*:*

OR cpe:/a:citrix:xen:4.1.0:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/a:redhat:rhel_virtualization:5:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/a:redhat:rhel_virtualization:5::server:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Configuration CCN 1:

cpe:/a:xensource:xen:3.0:*:*:*:*:*:*:*

OR cpe:/a:xensource:xen:4.0:*:*:*:*:*:*:*

AND

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

OR cpe:/a:redhat:rhel_virtualization:5::server:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

OR cpe:/a:citrix:xenserver:5.5:*:*:*:*:*:*:*

OR cpe:/a:citrix:xenserver:5.0:*:*:*:*:*:*:*

OR cpe:/a:citrix:xenserver:5.6:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_long_life:5.6:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20111583	V	CVE-2011-1583	2022-05-20
oval:org.opensuse.security:def:33021	P	Security update for libqt5-qtsvg (Moderate)	2021-10-11
oval:org.opensuse.security:def:33722	P	Security update for sqlite3 (Important)	2021-09-23
oval:org.opensuse.security:def:33698	P	Security update for libcares2 (Important)	2021-08-16
oval:org.opensuse.security:def:32942	P	Security update for ucode-intel (Important)	2021-06-10
oval:org.opensuse.security:def:29360	P	Security update for avahi (Important)	2021-06-03
oval:org.opensuse.security:def:33659	P	Security update for libwebp (Critical)	2021-06-02
oval:org.opensuse.security:def:32931	P	Security update for djvulibre (Important)	2021-05-31
oval:org.opensuse.security:def:34444	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:34404	P	Security update for glibc (Important)	2021-04-13
oval:org.opensuse.security:def:33766	P	Security update for screen (Important)	2021-02-17
oval:org.opensuse.security:def:28932	P	Security update for python (Important)	2021-02-11
oval:org.opensuse.security:def:28920	P	Security update for postgresql, postgresql12, postgresql13 (Important)	2021-01-26
oval:org.opensuse.security:def:28921	P	Security update for openssh (Moderate)	2021-01-05
oval:org.opensuse.security:def:32930	P	Security update for dovecot22 (Important)	2021-01-04
oval:org.opensuse.security:def:33396	P	Security update for SUSE Manager Client Tools (Critical)	2020-12-01
oval:org.opensuse.security:def:29132	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:29717	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:33610	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:29275	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:30392	P	Security update for Xen	2020-12-01
oval:org.opensuse.security:def:29513	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:33156	P	libjasper on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29616	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:33308	P	curl-openssl1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29001	P	Security update for Linux kernel	2020-12-01
oval:org.opensuse.security:def:29673	P	Security update for dhcpv6	2020-12-01
oval:org.opensuse.security:def:33553	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:29218	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:30355	P	Security update for w3m (Moderate)	2020-12-01
oval:org.opensuse.security:def:29567	P	Security update for OpenOffice_org	2020-12-01
oval:org.opensuse.security:def:33251	P	rsyslog on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29655	P	Security update for curl (Moderate)	2020-12-01
oval:org.mitre.oval:def:15124	P	DSA-2337-1 xen -- several vulnerabilities	2014-06-23
oval:org.mitre.oval:def:23074	P	ELSA-2011:0496: xen security update (Important)	2014-05-26
oval:org.mitre.oval:def:21927	P	RHSA-2011:0496: xen security update (Important)	2014-02-24
oval:com.ubuntu.precise:def:20111583000	V	CVE-2011-1583 on Ubuntu 12.04 LTS (precise) - medium.	2011-08-12
oval:com.redhat.rhsa:def:20110496	P	RHSA-2011:0496: xen security update (Important)	2011-05-09

BACK