CVE-2013-1917

EPSS 0.07%

xen - several

Published: 5/13/2013Modified: 4/28/2026

Also known as:DEBIAN-CVE-2013-1917

Description

Xen 3.1 through 4.x, when running 64-bit hosts on Intel CPUs, does not clear the NT flag when using an IRET after a SYSENTER instruction, which allows PV guest users to cause a denial of service (hypervisor crash) by triggering a #GP fault, which is not properly handled by another IRET instruction.

Affected packages (2)

Debian/xenfrom 0, < 4.1.4-3
Debian/xenfrom 0, < 4.0.1-5.10

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-1917