|
|
Subscribe / Log in / New account

xen: denial of service

Package(s):xen CVE #(s):CVE-2013-1918 CVE-2013-1952
Created:May 13, 2013 Updated:July 19, 2013
Description: From the Debian advisory:

CVE-2013-1918: (XSA 45) Several long latency operations are not preemptible

Some page table manipulation operations for PV guests were not made preemptible, allowing a malicious or buggy PV guest kernel to mount a denial of service attack affecting the whole system.

CVE-2013-1952: (XSA 49) VT-d interrupt remapping source validation flaw for bridges

Due to missing source validation on interrupt remapping table entries for MSI interrupts set up by bridge devices, a malicious domain with access to such a device, can mount a denial of service attack affecting the whole system.

Alerts:
SUSE SUSE-SU-2014:0446-1 Xen 2014-03-25
Gentoo 201309-24 xen 2013-09-27
CentOS 2013:X003 kernel 2013-07-18
openSUSE openSUSE-SU-2013:1404-1 xen 2013-09-04
Mageia MGASA-2013-0197 xen 2013-07-01
openSUSE openSUSE-SU-2013:1392-1 xen 2013-08-30
SUSE SUSE-SU-2013:1075-1 Xen 2013-06-25
Fedora FEDORA-2013-7432 xen 2013-05-15
Fedora FEDORA-2013-7426 xen 2013-05-15
Debian DSA-2666-1 xen 2013-05-12
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds