Description
The libxl_list_cpupool function in the libxl toolstack library in Xen 4.2.x and 4.3.x, when running "under memory pressure," returns the original pointer when the realloc function fails. The resulting use-after-free allows local users to cause a denial of service (heap corruption and crash) and possibly execute arbitrary code via unspecified vectors.
References (2)
Core References
Third Party Advisory (vendor-advisory, x_refsource_gentoo): http://security.gentoo.org/glsa/glsa-201407-03.xml
Mailing List (mailing-list, x_refsource_mlist): http://www.openwall.com/lists/oss-security/2013/10/10/12
Scores
EPSS
0.0008
EPSS Percentile
23.9%
Details
CWE
CWE-399
Status
published
Products (5)
xen/xen 4.2.0
xen/xen 4.2.1
xen/xen 4.2.2
xen/xen 4.2.3
xen/xen 4.3.0
Published
Oct 17, 2013
Tracked Since
Feb 18, 2026