LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

xen: denial of service

Package(s):xen CVE #(s):CVE-2012-2625
Created:August 1, 2012 Updated:September 14, 2012
Description: From the Red Hat advisory:

A flaw was found in the way the pyGrub boot loader handled compressed kernel images. A privileged guest user in a para-virtualized guest (a DomU) could use this flaw to create a crafted kernel image that, when attempting to boot it, could result in an out-of-memory condition in the privileged domain (the Dom0).

Alerts:
Red Hat RHSA-2012:1130-01 2012-07-31
CentOS CESA-2012:1130 2012-07-31
Oracle ELSA-2012-1130 2012-08-01
Scientific Linux SL-xen-20120801 2012-08-01
SUSE SUSE-SU-2012:1043-1 2012-08-27
SUSE SUSE-SU-2012:1044-1 2012-08-27
SUSE SUSE-SU-2012:1135-1 2012-09-07
openSUSE openSUSE-SU-2012:1174-1 2012-09-14
openSUSE openSUSE-SU-2012:1172-1 2012-09-14
openSUSE openSUSE-SU-2012:1572-1 2012-11-26
openSUSE openSUSE-SU-2012:1573-1 2012-11-26
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds