Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2013-2211

The libxenlight (libxl) toolstack library in Xen 4.0.x, 4.1.x, and 4.2.x uses weak permissions for xenstore keys for paravirtualised and emulated serial console devices, which allows local guest administrators to modify the xenstore value via unspecified vectors.

Related bugs and status

CVE-2013-2211 (Candidate) is related to these bugs:

Bug #1293993: [MRE] Rebase Xen to upstream stable 4.1.6.1

Summary				In	Importance	Status
	1293993	[MRE] Rebase Xen to upstream stable 4.1.6.1		xen (Ubuntu)	Medium	Invalid
	1293993	[MRE] Rebase Xen to upstream stable 4.1.6.1		xen (Ubuntu Precise)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://secunia.com/adv...
MISC: http://www.debian.org/...
MISC: http://security.gentoo...
MISC: http://lists.opensuse....
MISC: http://www.openwall.co...
MISC: http://www.openwall.co...