oss-sec mailing list archives

Re: CVE Request: XEN local denial of service

From: "Steven M. Christey" <coley () linus mitre org>
Date: Thu, 21 May 2009 20:26:21 -0400 (EDT)


More specific information on Xen's affected versions would be appreciated.
I made a guess based on the version that was released a few days after the
patch.

- Steve


======================================================
Name: CVE-2009-1758
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1758
Reference: MLIST:[Xen-devel] 20090513 [PATCH] linux/i386: hypervisor_callback adjustments
Reference: URL:http://lists.xensource.com/archives/html/xen-devel/2009-05/msg00561.html
Reference: MLIST:[oss-security] 20090514 CVE Request: XEN local denial of service
Reference: URL:http://www.openwall.com/lists/oss-security/2009/05/14/2

The hypervisor_callback function in Xen, possibly before 3.4.0, as
applied to the Linux kernel 2.6.30-rc4, 2.6.18, and probably other
versions allows guest user applications to cause a denial of service
(kernel oops) of the guest OS by triggering a segmentation fault in
"certain address ranges."

Current thread:

CVE Request: XEN local denial of service Marcus Meissner (May 14)
- Re: CVE Request: XEN local denial of service Steven M. Christey (May 21)
  - Re: CVE Request: XEN local denial of service Eugene Teo (May 22)