Multiple integer overflows in tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allow local users to cause a denial of service and possibly execute arbitrary code via a crafted paravirtualised guest kernel image that triggers (1) a buffer overflow during a decompression loop or (2) an out-of-bounds read in the loader involving unspecified length fields.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2011-08-12T18:00:00
Updated: 2011-08-23T09:00:00
Reserved: 2011-04-05T00:00:00
Link: CVE-2011-1583
JSON object: View
NVD Information
Status : Modified
Published: 2011-08-12T18:55:00.697
Modified: 2011-08-24T03:17:10.600
Link: CVE-2011-1583
JSON object: View
Redhat Information
No data.
CWE