Integer Overflow Vulnerability in Xen Hypervisor Affects Multiple Versions
CVE-2011-1583

Currently unrated

Key Information:

Vendor
Citrix
Status
Vendor
CVE Published:
12 August 2011

Summary

Multiple integer overflow vulnerabilities exist in the Xen hypervisor's handling of paravirtualised guest kernel images. Local users may exploit them to cause a denial of service or potentially execute arbitrary code. The flaws lie in the bzimageloader component of the hypervisor, where improper validation of kernel image parameters can trigger buffer overflows during decompression loops and out-of-bounds reads. This can compromise the integrity and availability of virtualized environments.

Timeline

  • Vulnerability published

  • Vulnerability Reserved
