Vulnerability Description
Multiple unspecified vulnerabilities in the Elf parser (libelf) in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel, related to "other problems" that are not CVE-2013-2194 or CVE-2013-2195.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Xen | Xen | <= 4.2.2 |
References
- http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html
- http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html
- http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html
- http://secunia.com/advisories/55082
- http://security.gentoo.org/glsa/glsa-201309-24.xml
- http://support.citrix.com/article/CTX138058PatchVendor Advisory
- http://www.debian.org/security/2014/dsa-3006
- http://www.openwall.com/lists/oss-security/2013/06/20/2
- http://www.openwall.com/lists/oss-security/2013/06/20/4
- http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html
- http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html
- http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html
- http://secunia.com/advisories/55082
- http://security.gentoo.org/glsa/glsa-201309-24.xml
- http://support.citrix.com/article/CTX138058PatchVendor Advisory
FAQ
What is CVE-2013-2196?
CVE-2013-2196 is a vulnerability with a CVSS score of 6.9 (MEDIUM). Multiple unspecified vulnerabilities in the Elf parser (libelf) in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel, r...
How severe is CVE-2013-2196?
CVE-2013-2196 has been rated MEDIUM with a CVSS base score of 6.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-2196?
Check the references section above for vendor advisories and patch information. Affected products include: Xen Xen.