CVE-2013-2211 Information

Feb 14, 2021 cve

Description

The libxenlight (libxl) toolstack library in Xen 4.0.x 4.1.x and 4.2.x uses weak permissions for xenstore keys for paravirtualised and emulated serial console devices which allows local guest administrators to modify the xenstore value via unspecified vectors.

Reference

http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html http://secunia.com/advisories/55082 http://security.gentoo.org/glsa/glsa-201309-24.xml http://www.debian.org/security/2014/dsa-3006 http://www.openwall.com/lists/oss-security/2013/06/25/1 http://www.openwall.com/lists/oss-security/2013/06/26/4

Share on: