CVE-2011-3131
xen - denial of service
EPSS 0.05%
Description
Xen 4.1.1 and earlier allows local guest OS kernels with control of a PCI[E] device to cause a denial of service (CPU consumption and host hang) via many crafted DMA requests that are denied by the IOMMU, which triggers a livelock.
How to fix CVE-2011-3131
To remediate CVE-2011-3131, upgrade the affected package to one of the fixed versions listed below.
- Debian/xen—upgrade to 4.1.2-1 or later
- Debian/xen—upgrade to 4.0.1-5.5 or later
Is CVE-2011-3131 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 4.1.2-1
- from 0, < 4.0.1-5.5