Vulnerability Details : CVE-2011-3131
Xen 4.1.1 and earlier allows local guest OS kernels with control of a PCI[E] device to cause a denial of service (CPU consumption and host hang) via many crafted DMA requests that are denied by the IOMMU, which triggers a livelock.
Vulnerability category: Denial of service
Exploit prediction scoring system (EPSS) score for CVE-2011-3131
Probability of exploitation activity in the next 30 days: 0.05%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 16 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2011-3131
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.6
|
MEDIUM | AV:L/AC:L/Au:S/C:N/I:N/A:C |
3.1
|
6.9
|
NIST |
CWE ids for CVE-2011-3131
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-3131
-
http://xenbits.xen.org/hg/staging/xen-4.1-testing.hg/rev/84e3706df07a
staging/xen-4.1-testing.hg: 84e3706df07aExploit
-
http://www.debian.org/security/2012/dsa-2582
Debian -- Security Information -- DSA-2582-1 xen
-
http://www.securityfocus.com/bid/49146
Xen DMA Requests IOMMU Denial of Service Vulnerability
-
http://old-list-archives.xen.org/archives/html/xen-devel/2011-06/msg01106.html
[Xen-devel] IOMMU faults - Xen Source
-
http://old-list-archives.xen.org/archives/html/xen-devel/2011-08/msg00450.html
[Xen-devel] Xen Advisory 5 (CVE-2011-3131) IOMMU fault livelock - Xen Source
Products affected by CVE-2011-3131
- cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*