CVE-2013-1918
xen - several
EPSS 0.10%
Description
Certain page table manipulation operations in Xen 4.1.x, 4.2.x, and earlier are not preemptible, which allows local PV kernels to cause a denial of service via vectors related to "deep page table traversal."
How to fix CVE-2013-1918
To remediate CVE-2013-1918, upgrade the affected package to a fixed version below.
- Debian/xen—upgrade to 4.1.4-4 or later
- Debian/xen—upgrade to 4.0.1-5.11 or later
Is CVE-2013-1918 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 4.1.4-4
- from 0, < 4.0.1-5.11