CVE-2013-3495
EPSS 0.08%
Description
The Intel VT-d Interrupt Remapping engine in Xen 3.3.x through 4.3.x allows local guests to cause a denial of service (kernel panic) via a malformed Message Signaled Interrupt (MSI) from a PCI device that is bus mastering capable that triggers a System Error Reporting (SERR) Non-Maskable Interrupt (NMI).
How to fix CVE-2013-3495
To remediate CVE-2013-3495, upgrade the affected package to a fixed version below.
- Debian/xen—upgrade to 4.4.1-3 or later
Is CVE-2013-3495 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 4.4.1-3