vulnerability note CVE-2013-1952
Xen: denial of service via VT-d MSI
Synthesis of the vulnerability
An attacker, who is located in a guest system, can remap interruptions of a device, in order to trigger a denial of service.Impacted products:
XenServer, Debian, Fedora, openSUSE, SUSE Linux Enterprise Desktop, SLES, Unix (platform).
BID-59617, CERTA-2013-AVI-290, CTX137657, CVE-2013-1952, DSA-2666-1, FEDORA-2013-7426, FEDORA-2013-7432, openSUSE-SU-2013:1392-1, openSUSE-SU-2013:1404-1, SUSE-SU-2013:1075-1, VIGILANCE-VUL-12749, XSA-49.
Description of the vulnerability
A system using an Intel VT-d processor, can use the PCI Passthrough feature, so a device supporting Bus Mastering is accessible for guest systems.
However, in this configuration, the origin of interruption remapping queries is not checked.
An attacker, who is located in a guest system, can therefore remap interruptions of a device, in order to trigger a denial of service.Complete Vigil@nce bulletin....
Share this bulletin
Computer vulnerabilities tracking service
Vigil@nce provides networks vulnerabilities alerts
. The Vigil@nce vulnerability database contains several thousand vulnerabilities. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system.