CVE-2013-0190 in Ubuntu

CVE-2013-0190

Priority

Description

The xen_failsafe_callback function in Xen for the Linux kernel 2.6.23 and
other versions, when running a 32-bit PVOPS guest, allows local users to
cause a denial of service (guest crash) by triggering an iret fault,
leading to use of an incorrect stack pointer and stack corruption.

Ubuntu-Description

Andrew Cooper of Citrix reported a Xen stack corruption in the Linux
kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest
kernel to crash, or operate erroneously.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0190
http://www.openwall.com/lists/oss-security/2013/01/16/8
https://usn.ubuntu.com/usn/usn-1719-1
https://usn.ubuntu.com/usn/usn-1720-1
https://usn.ubuntu.com/usn/usn-1725-1
https://usn.ubuntu.com/usn/usn-1728-1
https://usn.ubuntu.com/usn/usn-1767-1
https://usn.ubuntu.com/usn/usn-1768-1
https://usn.ubuntu.com/usn/usn-1769-1
https://usn.ubuntu.com/usn/usn-1774-1

Bugs

https://launchpad.net/bugs/1102374

Package

Source: linux (LP Ubuntu Debian)

Upstream:	released (3.8~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):	released (3.2.0-39.62)
Ubuntu 14.04 LTS (Trusty Tahr):	not-affected (3.11.0-12.19)
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (4.2.0-16.19)

Patches:

Other:	http://seclists.org/oss-sec/2013/q1/att-96/xsa40.patch
Introduced by 5ead97c84fa7d63a6a7a2f4e9f18f452bd109045	Fixed by 9174adbee4a9a49d0139f5d71969852b36720809

Package

Source: linux-armadaxp (LP Ubuntu Debian)

Upstream:	released (3.8~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was not-affected [XEN specific issue])
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source: linux-aws (LP Ubuntu Debian)

Upstream:	released (3.8~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	not-affected (4.4.0-1002.2)
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (4.4.0-1001.10)

Package

Source: linux-ec2 (LP Ubuntu Debian)

Upstream:	released (3.8~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source: linux-flo (LP Ubuntu Debian)

Upstream:	released (3.8~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	ignored (was needed now end-of-life)
Ubuntu 16.04 LTS (Xenial Xerus):	ignored (abandoned)

Package

Source: linux-fsl-imx51 (LP Ubuntu Debian)

Upstream:	released (3.8~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source: linux-gke (LP Ubuntu Debian)

Upstream:	released (3.8~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (4.4.0-1003.3)

Package

Source: linux-goldfish (LP Ubuntu Debian)

Upstream:	released (3.8~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	ignored (was needed now end-of-life)
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (3.4.0-4.27)

Package

Source: linux-grouper (LP Ubuntu Debian)

Upstream:	released (3.8~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	ignored (abandoned)
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source: linux-hwe (LP Ubuntu Debian)

Upstream:	released (3.8~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (4.8.0-36.36~16.04.1)

Package

Source: linux-hwe-edge (LP Ubuntu Debian)

Upstream:	released (3.8~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (4.8.0-36.36~16.04.1)

Package

Source tree: https://github.com/bq/aquaris-E4.5

linux-krillin:

not-affected (1.0)

Package

Source: linux-linaro-omap (LP Ubuntu Debian)

Upstream:	released (3.8~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [abandoned])
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source: linux-linaro-shared (LP Ubuntu Debian)

Upstream:	released (3.8~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [abandoned])
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source: linux-linaro-vexpress (LP Ubuntu Debian)

Upstream:	released (3.8~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [abandoned])
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source: linux-lts-backport-maverick (LP Ubuntu Debian)

Upstream:	released (3.8~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source: linux-lts-backport-oneiric (LP Ubuntu Debian)

Upstream:	released (3.8~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source: linux-lts-quantal (LP Ubuntu Debian)

Upstream:	released (3.8~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was released [3.5.0-26.42~precise1])
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Patches:

Package

Source: linux-lts-raring (LP Ubuntu Debian)

Upstream:	released (3.8~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was not-affected [3.8.0-19.30~precise1])
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source: linux-lts-trusty (LP Ubuntu Debian)

Upstream:	released (3.8~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):	not-affected (3.13.0-24.46~precise1)
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source: linux-lts-utopic (LP Ubuntu Debian)

Upstream:	released (3.8~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	not-affected (3.16.0-25.33~14.04.2)
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source: linux-lts-vivid (LP Ubuntu Debian)

Upstream:	released (3.8~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	not-affected (3.19.0-18.18~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source: linux-lts-wily (LP Ubuntu Debian)

Upstream:	released (3.8~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	not-affected (4.2.0-18.22~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source: linux-lts-xenial (LP Ubuntu Debian)

Upstream:	released (3.8~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	not-affected (4.4.0-13.29~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source: linux-maguro (LP Ubuntu Debian)

Upstream:	released (3.8~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	ignored (abandoned)
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source: linux-mako (LP Ubuntu Debian)

Upstream:	released (3.8~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	ignored (was needed now end-of-life)
Ubuntu 16.04 LTS (Xenial Xerus):	ignored (abandoned)

Package

Source: linux-manta (LP Ubuntu Debian)

Upstream:	released (3.8~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	not-affected (3.4.0-5.22)
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source: linux-mvl-dove (LP Ubuntu Debian)

Upstream:	released (3.8~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source: linux-qcm-msm (LP Ubuntu Debian)

Upstream:	released (3.8~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was ignored [abandoned])
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source: linux-raspi2 (LP Ubuntu Debian)

Upstream:	released (3.8~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (4.2.0-1013.19)

Package

Source: linux-snapdragon (LP Ubuntu Debian)

Upstream:	released (3.8~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (4.4.0-1012.12)

Package

Source: linux-ti-omap4 (LP Ubuntu Debian)

Upstream:	released (3.8~rc5)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was not-affected [XEN specific issue])
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE

Package

Source tree: https://github.com/bq/aquaris-E5

linux-vegetahd:

not-affected (1.0)

More Information

Updated: 2019-03-19 12:08:04 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)