CVE-2011-1898
First published: Thu Jun 23 2011(Updated: )
Problem description: Intel VT-d chipsets without interrupt remapping do not prevent a guest which owns a PCI device from using DMA to generate MSI interrupts by writing to the interrupt injection registers. This can be exploited to inject traps and gain control of the host. References: <a href="http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00687.html">http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00687.html</a> <a href="http://theinvisiblethings.blogspot.com/2011/05/following-white-rabbit-software-attacks.html">http://theinvisiblethings.blogspot.com/2011/05/following-white-rabbit-software-attacks.html</a> <a href="http://www.invisiblethingslab.com/resources/2011/Software%20Attacks%20on%20Intel%20VT-d.pdf">http://www.invisiblethingslab.com/resources/2011/Software%20Attacks%20on%20Intel%20VT-d.pdf</a>
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| XenServer | =4.0.0 | |
| XenServer | =4.0.1 | |
| XenServer | =4.1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00687.html
- http://theinvisiblethings.blogspot.com/2011/05/following-white-rabbit-software-attacks.html
- http://www.invisiblethingslab.com/resources/2011/Software%20Attacks%20on%20Intel%20VT-d.pdf
- https://access.redhat.com/security/cve/CVE-2011-1898
- http://docs.redhat.com/docs/en-US/index.html
- https://rhn.redhat.com/errata/RHSA-2011-1189.html
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=748692
- https://rhn.redhat.com/errata/RHSA-2011-1479.html
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=715555#c8
- https://access.redhat.com/kb/docs/DOC-66828
- https://rhn.redhat.com/errata/RHSA-2012-0358.html
- https://access.redhat.com/knowledge/articles/66747
- https://bugzilla.redhat.com/show_bug.cgi?id=715555
- http://lists.fedoraproject.org/pipermail/package-announce/2011-June/062112.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-June/062139.html
- http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00017.html
- http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00018.html
- http://xen.1045712.n5.nabble.com/Xen-security-advisory-CVE-2011-1898-VT-d-PCI-passthrough-MSI-td4390298.html
- http://xen.org/download/index_4.0.2.html
- collector/redhat-bugzilla
- alias/CVE-2011-1898
- agent/type
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- agent/references
- agent/author
- agent/remedy
- agent/weakness
- agent/severity
- agent/description
- agent/tags
- agent/event
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/citrix
- canonical/xenserver
- version/xenserver/4.0.0
- version/xenserver/4.0.1
- version/xenserver/4.1.0