What is the severity of CVE-2011-1166?

CVE-2011-1166 is classified as a high severity vulnerability due to its potential to cause a denial of service by crashing the host.

How do I fix CVE-2011-1166?

To mitigate CVE-2011-1166, upgrade your Xen hypervisor to version 4.0.2 or later, which addresses this vulnerability.

What types of systems are affected by CVE-2011-1166?

CVE-2011-1166 primarily affects local 64-bit paravirtualized (PV) Xen guests on vulnerable versions of the Xen hypervisor.

Can CVE-2011-1166 lead to data loss?

While CVE-2011-1166 mainly causes a host crash, it can lead to service disruption that may indirectly result in data loss.

Is CVE-2011-1166 still a concern for current Xen deployments?

CVE-2011-1166 is not a concern for current Xen deployments using versions after 4.0.2, as the vulnerability has been addressed.

Vulnerability/
CVE-2011-1166

medium

5.5

CWE

7/1/2014

6/8/2024

CVE-2011-1166: Input Validation

First published: Tue Jan 07 2014(Updated: )

Xen, possibly before 4.0.2, allows local 64-bit PV guests to cause a denial of service (host crash) by specifying user mode execution without user-mode pagetables.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
Xen xen-unstable	=3.2.0
Xen xen-unstable	=3.2.1
Xen xen-unstable	=3.0.4
Xen xen-unstable	=3.4.0
Xen xen-unstable	=3.3.2
Xen xen-unstable	=3.2.2
Xen xen-unstable	=3.4.4
Xen xen-unstable	=4.0.0
Xen xen-unstable	=3.4.3
Xen xen-unstable	=3.0.3
Xen xen-unstable	<=4.0.1
Xen xen-unstable	=3.2.3
Xen xen-unstable	=3.3.1
Xen xen-unstable	=3.0.2
Xen xen-unstable	=3.4.2
Xen xen-unstable	=3.4.1
Xen xen-unstable	=3.1.4
Xen xen-unstable	=3.3.0
Xen xen-unstable	=3.1.3

Remedy

http://wiki.xen.org/wiki/Security_Announcements#XSA-1_Host_crash_due_to_failure_to_correctly_validate_PV_kernel_execution_state.

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2011-1166?
CVE-2011-1166 is classified as a high severity vulnerability due to its potential to cause a denial of service by crashing the host.
How do I fix CVE-2011-1166?
To mitigate CVE-2011-1166, upgrade your Xen hypervisor to version 4.0.2 or later, which addresses this vulnerability.
What types of systems are affected by CVE-2011-1166?
CVE-2011-1166 primarily affects local 64-bit paravirtualized (PV) Xen guests on vulnerable versions of the Xen hypervisor.
Can CVE-2011-1166 lead to data loss?
While CVE-2011-1166 mainly causes a host crash, it can lead to service disruption that may indirectly result in data loss.
Is CVE-2011-1166 still a concern for current Xen deployments?
CVE-2011-1166 is not a concern for current Xen deployments using versions after 4.0.2, as the vulnerability has been addressed.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/references
agent/last-modified-date
agent/severity
agent/author
agent/remedy
agent/weakness
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/xen
canonical/xen xen-unstable
version/xen xen-unstable/3.2.0
version/xen xen-unstable/3.2.1
version/xen xen-unstable/3.0.4
version/xen xen-unstable/3.4.0
version/xen xen-unstable/3.3.2
version/xen xen-unstable/3.2.2
version/xen xen-unstable/3.4.4
version/xen xen-unstable/4.0.0
version/xen xen-unstable/3.4.3
version/xen xen-unstable/3.0.3
version/xen xen-unstable/4.0.1
version/xen xen-unstable/3.2.3
version/xen xen-unstable/3.3.1
version/xen xen-unstable/3.0.2
version/xen xen-unstable/3.4.2
version/xen xen-unstable/3.4.1
version/xen xen-unstable/3.1.4
version/xen xen-unstable/3.3.0
version/xen xen-unstable/3.1.3