oss-sec mailing list archives
Re: CVE Request: XEN local denial of service
From: "Steven M. Christey" <coley () linus mitre org>
Date: Thu, 21 May 2009 20:26:21 -0400 (EDT)
More specific information on Xen's affected versions would be appreciated. I made a guess based on the version that was released a few days after the patch. - Steve ====================================================== Name: CVE-2009-1758 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1758 Reference: MLIST:[Xen-devel] 20090513 [PATCH] linux/i386: hypervisor_callback adjustments Reference: URL:http://lists.xensource.com/archives/html/xen-devel/2009-05/msg00561.html Reference: MLIST:[oss-security] 20090514 CVE Request: XEN local denial of service Reference: URL:http://www.openwall.com/lists/oss-security/2009/05/14/2 The hypervisor_callback function in Xen, possibly before 3.4.0, as applied to the Linux kernel 2.6.30-rc4, 2.6.18, and probably other versions allows guest user applications to cause a denial of service (kernel oops) of the guest OS by triggering a segmentation fault in "certain address ranges."
Current thread:
- CVE Request: XEN local denial of service Marcus Meissner (May 14)
- Re: CVE Request: XEN local denial of service Steven M. Christey (May 21)
- Re: CVE Request: XEN local denial of service Eugene Teo (May 22)
- Re: CVE Request: XEN local denial of service Steven M. Christey (May 21)