LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Kernel prepatch 3.9-rc6

LWN.net Weekly Edition for April 4, 2013

LWN.net Weekly Edition for March 28, 2013

A kernel change breaks GlusterFS

PyCon: Evangelizing Python

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

kernel: multiple vulnerabilities

Package(s):kernel CVE #(s):CVE-2013-0216 CVE-2013-0217
Created:March 1, 2013 Updated:March 22, 2013
Description:

From the Xen advisory:

The Xen netback implementation contains a couple of flaws which can allow a guest to cause a DoS in the backend domain, potentially affecting other domains in the system.

CVE-2013-0216 is a failure to sanity check the ring producer/consumer pointers which can allow a guest to cause netback to loop for an extended period preventing other work from occurring.

CVE-2013-0217 is a memory leak on an error path which is guest triggerable.

Alerts:
Oracle ELSA-2013-2507 2013-02-28
openSUSE openSUSE-SU-2013:0395-1 2013-03-05
openSUSE openSUSE-SU-2013:0396-1 2013-03-05
Ubuntu USN-1756-1 2013-03-06
Ubuntu USN-1760-1 2013-03-12
Ubuntu USN-1767-1 2013-03-18
Ubuntu USN-1769-1 2013-03-18
Ubuntu USN-1768-1 2013-03-18
Ubuntu USN-1774-1 2013-03-21
Fedora FEDORA-2013-3909 2013-03-22
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds