VDB
CVE-2008-1952
CVE-2008-1952
PUBLISHED
CVSS 2.0999999046325684 LOW
The backend for XenSource Xen Para Virtualized Frame Buffer (PVFB) in Xen ioemu does not properly restrict the frame buffer size, which allows attackers to cause a denial of service (crash) by mapping an arbitrary amount of guest memory.
EPSS 0.08% · 23.0th percentile
Risk Scores
CVSS v2.0
2.0999999046325684
EPSS Score
0.08%
23.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| xensource | xen_para_virtualized_frame_buffer |
Timeline
- Jun 23, 2008 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 17, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 1, 2023 EPSS Score
- May 24, 2023 EPSS Score
References
- 32088 third-party-advisory
- [oss-security] 20080521 New Xen ioemu: PVFB backend issue mailing-list
- http://xenbits.xensource.com/xen-unstable.hg?rev/9044705960cb30cec385bdca7305bcf7db096721 url
- oval:org.mitre.oval:def:11189 vdb
- 1020957 vdb
- [Xen-devel] 20080521 [PATCH] ioemu: Fix PVFB backend to limit frame buffer size mailing-list
- xen-pvfb-ioemu-dos(43362) vdb
- RHSA-2008:0892 vendor-advisory
- 30646 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2008-1952 advisory