CVE-2008-1952

Priority
Medium
Description
The backend for XenSource Xen Para Virtualized Frame Buffer (PVFB) in Xen
ioemu does not properly restrict the frame buffer size, which allows
attackers to cause a denial of service (crash) by mapping an arbitrary
amount of guest memory.
Notes
 mdeslaur> this completes CVE-2008-1943
 mdeslaur> first half is xen-pvfb-validate-fb.patch in RHEL5
 mdeslaur> rhel5 is missing the second half
Assigned-to
zul
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Patches:
Upstream:http://lists.xensource.com/archives/html/xen-devel/2008-05/msg00421.html
Upstream:http://lists.xensource.com/archives/html/xen-devel/2008-05/msg00508.html
Package
Upstream:needs-triage
Patches:
Upstream:http://lists.xensource.com/archives/html/xen-devel/2008-05/msg00421.html
Upstream:http://lists.xensource.com/archives/html/xen-devel/2008-05/msg00508.html
Package
Upstream:not-affected
Package
Source: xen (LP Ubuntu Debian)
Upstream:needs-triage

Updated: 2017-12-14 19:42:03 UTC (commit 13907)