CVE-2013-2211

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2013-2211

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2013-2211.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2013-2211

Downstream

DEBIAN-CVE-2013-2211

DSA-3006-1

MGASA-2013-0197

Published

2013-08-28T21:55:08Z

Modified

2026-04-16T06:24:42.497581592Z

Summary

[none]

Details

The libxenlight (libxl) toolstack library in Xen 4.0.x, 4.1.x, and 4.2.x uses weak permissions for xenstore keys for paravirtualised and emulated serial console devices, which allows local guest administrators to modify the xenstore value via unspecified vectors.

References

http://secunia.com/advisories/55082
http://security.gentoo.org/glsa/glsa-201309-24.xml
http://www.debian.org/security/2014/dsa-3006
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html
http://www.openwall.com/lists/oss-security/2013/06/25/1
http://www.openwall.com/lists/oss-security/2013/06/26/4

CVE-2013-2211

Affected packages