CVE-2011-3262

Xen 3.2-4.1 - Denial of Service via Decompression Loop Error Handling

Title source: llm

Description

tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allows local users to cause a denial of service (management software infinite loop and management domain resource consumption) via unspecified vectors related to "Lack of error checking in the decompression loop."

References (5)

Core 5

Core References

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/55082

Third Party Advisory vendor-advisory x_refsource_gentoo

http://security.gentoo.org/glsa/glsa-201309-24.xml

Patch mailing-list x_refsource_mlist

http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00483.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/69381

Patch mailing-list x_refsource_mlist

http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00491.html

Scores

EPSS 0.0010

EPSS Percentile 26.3%

Details

CWE

CWE-399

Status published

Products (4)

citrix/xen 3.2.0

citrix/xen 3.3.0

citrix/xen 4.0.0

citrix/xen 4.1.0

Published Aug 19, 2011

Tracked Since Feb 18, 2026