CVE-2013-6400
Xen 4.2.x-4.3.x - Denial of Service or Privilege Escalation via IOMMU TLB Flush Suppression
Title source: llmDescription
Xen 4.2.x and 4.3.x, when using Intel VT-d and a PCI device has been assigned, does not clear the flag that suppresses IOMMU TLB flushes when unspecified errors occur, which causes the TLB entries to not be flushed and allows local guest administrators to cause a denial of service (host crash) or gain privileges via unspecified vectors.
References (8)
Core 8
Core References
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/55932
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1029468
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00011.html
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/125081.html
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-201407-03.xml
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/125111.html
Various Sources mailing-list
x_refsource_mlist
http://lists.xen.org/archives/html/xen-announce/2013-12/msg00002.html
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2013/12/10/7
Scores
EPSS
0.0039
EPSS Percentile
60.3%
Details
CWE
CWE-264
Status
published
Products (6)
xen/xen
4.2.0
xen/xen
4.2.1
xen/xen
4.2.2
xen/xen
4.2.3
xen/xen
4.3.0
xen/xen
4.3.1
Published
Dec 13, 2013
Tracked Since
Feb 18, 2026