CVE-2011-1583
EPSS 0.52%
描述
Multiple integer overflows in tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allow local users to cause a denial of service and possibly execute arbitrary code via a crafted paravirtualised guest kernel image that triggers (1) a buffer overflow during a decompression loop or (2) an out-of-bounds read in the loader involving unspecified length fields.
如何修補 CVE-2011-1583
要修補 CVE-2011-1583,請將受影響套件升級到下列已修補版本。
- Debian/xen—升級至 4.1.1-1 或更新版本
CVE-2011-1583 正在被利用嗎?
低 — EPSS 為 0.5%,目前沒有觀察到大規模利用活動。
受影響套件(1)
- from 0, < 4.1.1-1