1. Home
  2. Vulnerabilities
  3. CVE-2011-1898

CVE-2011-1898

CVSS v2.0 7.4 (High)
74% Progress
EPSS 0.07 % (30th)
0.07% Progress
Affected Products 1
Advisories 9
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

Xen 4.1 before 4.1.1 and 4.0 before 4.0.2, when using PCI passthrough on Intel VT-d chipsets that do not have interrupt remapping, allows guest OS users to gain host OS privileges by "using DMA to generate MSI interrupts by writing to the interrupt injection registers."

Weaknesses
CWE-264
Permissions, Privileges, and Access Controls
CVE Status
PUBLISHED
CNA
MITRE
Published Date
2011-08-12 18:55:00
(13 years ago)
Updated Date
2011-10-26 02:58:58
(13 years ago)

Affected Products

Citrix

Configuration #1

    CPE23 From Up To
  Citrix Xen 4.0.0 cpe:2.3:a:citrix:xen:4.0.0
  Citrix Xen 4.0.1 cpe:2.3:a:citrix:xen:4.0.1
  Citrix Xen 4.1.0 cpe:2.3:a:citrix:xen:4.1.0