CVE-2013-3495

Impact:
Moderate
Public Date:
2013-08-20
Bugzilla:
986302: CVE-2013-3495 hw: virt: Intel VT-d Interrupt Remapping engines can be evaded by native NMI interrupts

The MITRE CVE dictionary describes this issue as:

The Intel VT-d Interrupt Remapping engine in Xen 3.3.x through 4.3.x allows local guests to cause a denial of service (kernel panic) via a malformed Message Signaled Interrupt (MSI) from a PCI device that is bus mastering capable that triggers a System Error Reporting (SERR) Non-Maskable Interrupt (NMI).

Find out more about CVE-2013-3495 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

This is hardware issue related to Intel VT-d, affecting all hypervisors (such as Xen and KVM) using Intel VT-d for guest PCI passthrough.

CVSS v2 metrics

NOTE: The following CVSS v2 metrics and score provided are preliminary and subject to review.

Base Score 4.3
Base Metrics AV:A/AC:H/Au:S/C:N/I:N/A:C
Access Vector Adjacent Network
Access Complexity High
Authentication Single
Confidentiality Impact None
Integrity Impact None
Availability Impact Complete

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 5 kernel-xen Affected

Acknowledgements

Red Hat would like to thank the Xen and KVM upstreams for reporting this issue. Xen upstream acknowledged Gábor PÉK of CrySyS Lab as the original reporter

Last Modified