Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:30897
HistoryJun 19, 2014 - 12:00 a.m.

[oss-security] Xen Security Advisory 54 (CVE-2013-2078) - Hypervisor crash due to missing exception recovery on XSETBV

2014-06-1900:00:00
vulners.com
23
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

     Xen Security Advisory CVE-2013-2078 / XSA-54
                        version 4

   Hypervisor crash due to missing exception recovery on XSETBV

UPDATES IN VERSION 4

Reduce vulnerable range of versions to 4.1 and onwards.

ISSUE DESCRIPTION

Processors do certain validity checks on the register values passed to
XSETBV. For the PV emulation path for that instruction the hypervisor
code didn't check for certain invalid bit combinations, thus exposing
itself to a fault occurring when invoking that instruction on behalf
of the guest.

IMPACT

Malicious or buggy unprivileged user space can cause the entire host
to crash.

VULNERABLE SYSTEMS

Xen 4.1 and onwards are vulnerable when run on systems with processors
supporting XSAVE. Only PV guests can exploit the vulnerability.

In Xen 4.1 XSAVE support is disabled by default; therefore systems
running these versions are not vulnerable unless support is explicitly
enabled using the "xsave" hypervisor command line option.

Systems using processors not supporting XSAVE are not vulnerable.

Xen 3.x and earlier are not vulnerable. In particular, Xen 4.0.x is not
vulnerable because XSAVE support there covers only HVM guests.

MITIGATION

Turning off XSAVE support via the "no-xsave" hypervisor command line
option will avoid the vulnerability.

RESOLUTION

Applying the attached patch resolves this issue.

xsa54.patch Xen 4.1.x, Xen 4.2.x, xen-unstable

$ sha256sum xsa54-*.patch
5d94946b3c9cba52aae2bffd4b0ebb11d09181650b5322a3c85170674a05f6b7 xsa54.patch
$
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJTjb4yAAoJEIP+FMlX6CvZTvcIAJW1kkoJDpYy3m2CUFux5FeN
rft9S+iPrh45/B67VuHOnaEfpcBQ/71+jKEjJQ8kJdJnWmP6i+kAuoVKma/PkY9x
VkeNM//9gM1UKp581p0yQp61Yw46hiREWDkue+VsnMIl88w/EV2Yv5R2LQaPMinZ
TM08EdK/lgERYQ2LSdkc55kE/jHoenBMBYjnCJPBYJY1jPdgJo488ZTpol/opqaM
o99/ziUPfa30KXHFtgq1iQs7qu+boMEv/QfRSC3xQS1tTSaXqnuPVDlz6tXBkrW9
AI5Mx1cJMSrd02KBMsaZvjQVaDjVO3L1svfEXvjeUmbGuE+hx0jvglblS6+i2Z4=
=SnXC
-----END PGP SIGNATURE-----

Related

xen 1
cve 1
prion 1
ubuntucve 1
debiancve 1
nessus 12
fedora 19
securityvulns 1
suse 2
openvas 40
mageia 1
debian 1
osv 1
gentoo 1
xen
xen
Hypervisor crash due to missing exception recovery on XSETBV
2013-06-03 12:00:00
cve
cve
CVE-2013-2078
2013-08-14 15:55:00
prion
prion
Information disclosure
2013-08-14 15:55:00
ubuntucve
ubuntucve
CVE-2013-2078
2013-08-14 00:00:00
debiancve
debiancve
CVE-2013-2078
2013-08-14 15:55:00
nessus
nessus
Fedora 19 : xen-4.2.2-6.fc19 (2013-9986)
2013-07-12 00:00:00
Fedora 17 : xen-4.1.5-5.fc17 (2013-10247)
2013-07-12 00:00:00
Fedora 18 : xen-4.2.2-6.fc18 (2013-10136)
2013-07-12 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: xen-4.2.2-6.fc19
2013-06-13 06:50:58
[SECURITY] Fedora 18 Update: xen-4.2.2-6.fc18
2013-06-14 02:28:52
[SECURITY] Fedora 18 Update: xen-4.2.2-9.fc18
2013-07-06 00:52:04
securityvulns
securityvulns
Xen multiple security vulnerabilities
2014-06-19 00:00:00
suse
suse
Security update for Xen (important)
2013-08-09 16:04:13
Security update for Xen (important)
2013-06-25 19:04:17
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2013:1314-1)
2021-06-09 00:00:00
Mageia: Security Advisory (MGASA-2013-0197)
2022-01-28 00:00:00
SUSE: Security Advisory (SUSE-SU-2013:1075-1)
2021-06-09 00:00:00
mageia
mageia
Updated xen package fixes security issues
2013-07-01 23:17:22
debian
debian
[SECURITY] [DSA 3006-1] xen security update
2014-08-18 12:41:33
osv
osv
xen - security update
2014-08-18 00:00:00
gentoo
gentoo
Xen: Multiple vulnerabilities
2013-09-27 00:00:00
JSON
Related for SECURITYVULNS:DOC:30897
xen1cve1prion1ubuntucve1debiancve1nessus12fedora19securityvulns1suse2openvas40mageia1debian1osv1gentoo1