Candidate: CVE-2013-4551
PublicDate: 2013-11-18 02:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4551
 http://www.openwall.com/lists/oss-security/2013/11/08
 http://lists.xen.org/archives/html/xen-announce/2013-11/msg00003.html
Description:
 Xen 4.2.x and 4.3.x, when nested virtualization is disabled, does not
 properly check the emulation paths for (1) VMLAUNCH and (2) VMRESUME, which
 allows local HVM guest users to cause a denial of service (host crash) via
 unspecified vectors related to "guest VMX instruction execution."
Ubuntu-Description:
Notes:
 seth-arnold> Only 4.2.x and newer are affected
 mdeslaur> This is XSA-75
Bugs:
Priority: medium
Discovered-by: Jeff Zimmerman
Assigned-to:
CVSS: 

Patches_xen-3.3:
Tags_xen-3.3: universe-binary
upstream_xen-3.3: ignored (reached end-of-life)
lucid_xen-3.3: not-affected
precise_xen-3.3: DNE
quantal_xen-3.3: DNE
raring_xen-3.3: DNE
saucy_xen-3.3: DNE
devel_xen-3.3: DNE

Patches_xen:
 upstream: http://lists.xen.org/archives/html/xen-announce/2013-11/bin2hKX7luNN5.bin (4.2)
 upstream: http://lists.xen.org/archives/html/xen-announce/2013-11/biniGGC75KPr1.bin (4.3)
Tags_xen: universe-binary
upstream_xen: needed
lucid_xen: DNE
precise_xen: not-affected
quantal_xen: not-affected
raring_xen: released (4.2.2-0ubuntu0.13.04.3)
saucy_xen: released (4.3.0-1ubuntu1.2)
devel_xen: released (4.3.0-1ubuntu2)