CVE-2013-4375

Priority
Medium
Description
The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before 4.3.1,
and qemu 1.1 and other versions, allows local HVM guests to cause a denial
of service (domain grant reference consumption) via unspecified vectors.
References
Notes
jdstrand> per upstream, xen 4.2 and later
jdstrand> per Xen team, qemu 1.1 and later
mdeslaur> per smb, this is only in qemu packages, and we only really use
mdeslaur> the one in saucy+
mdeslaur> This is XSA-71
mdeslaur> introduced in c6961b7d38317fd48a8e86a8c2be4b9aeeb71ac0
mdeslaur> quantal file location is hw/xen_disk.c
Assigned-to
mdeslaur
Package
Upstream:needs-triage
Ubuntu 10.04 LTS (Lucid Lynx):not-affected (3.3.0-1ubuntu11)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Source: xen (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):not-affected
Ubuntu 12.10 (Quantal Quetzal):not-affected (4.1.3-3ubuntu1.7)
Ubuntu 13.10 (Saucy Salamander):not-affected
Ubuntu 14.04 LTS (Trusty Tahr):not-affected
Package
Upstream:needs-triage
Ubuntu 10.04 LTS (Lucid Lynx):not-affected (0.12.3+noroms-0ubuntu9.21)
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (1.0+noroms-0ubuntu14.11)
Ubuntu 12.10 (Quantal Quetzal):released (1.2.0+noroms-0ubuntu2.12.10.6)
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Patches:
Upstream:http://git.qemu.org/?p=qemu.git;a=commit;h=a76f48e53382e6f039db6278443e3ce437653302
Package
Source: qemu (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):released (1.5.0+dfsg-3ubuntu5.3)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (1.7.0+dfsg-2ubuntu5)
Patches:
Patch:xsa71-qemu-xen-4.2.patch
Upstream:http://git.qemu.org/?p=qemu.git;a=commit;h=a76f48e53382e6f039db6278443e3ce437653302
More Information

Valid XHTML 1.0 Strict

Updated: 2014-01-30 21:14:36 UTC (commit 7696)