The get_page_type function in xen/arch/x86/mm.c in Xen 4.2, when debugging
is enabled, allows local PV or HVM guest administrators to cause a denial
of service (assertion failure and hypervisor crash) via unspecified vectors
related to a hypercall.
Author | Note |
---|---|
mdeslaur | hypervisor packages are in universe. For issues in the hypervisor, add appropriate tags to each section, ex: Tags_xen: universe-binary |
jdstrand | only affect Xen 4.2, and only when debugging enabled. Debugging is not enabled in Ubuntu 13.04. |
osvdb.org/88913
seclists.org/oss-sec/2013/q1/att-17/xsa37-4_2.patch
www.openwall.com/lists/oss-security/2013/01/04/2
www.securitytracker.com/id?1027937
xforce.iss.net/xforce/xfdb/80977
launchpad.net/bugs/cve/CVE-2013-0154
nvd.nist.gov/vuln/detail/CVE-2013-0154
security-tracker.debian.org/tracker/CVE-2013-0154
www.cve.org/CVERecord?id=CVE-2013-0154