CVE-2018-15468

Priority
Description
An issue was discovered in Xen through 4.11.x. The DEBUGCTL MSR contains
several debugging features, some of which virtualise cleanly, but some do
not. In particular, Branch Trace Store is not virtualised by the processor,
and software has to be careful to configure it suitably not to lock up the
core. As a result, it must only be available to fully trusted guests.
Unfortunately, in the case that vPMU is disabled, all value checking was
skipped, allowing the guest to choose any MSR_DEBUGCTL setting it likes. A
malicious or buggy guest administrator (on Intel x86 HVM or PVH) can lock
up the entire host, causing a Denial of Service.
Notes
mdeslaurhypervisor packages are in universe. For
issues in the hypervisor, add appropriate
tags to each section, ex:
Tags_xen: universe-binary
Package
Source: xen (LP Ubuntu Debian)
Upstream:released (4.11.1~pre.20180911.5acdd26fdc+dfsg-2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was needs-triage)
Ubuntu 16.04 LTS (Xenial Xerus):needed
Ubuntu 18.04 LTS (Bionic Beaver):needed
Ubuntu 19.04 (Disco Dingo):needed
Ubuntu 19.10 (Eoan Ermine):needed
Ubuntu 20.04 (Focal Fossa):needed
Binaries built from this source package are in universe and so are supported by the community. For more details see https://wiki.ubuntu.com/SecurityTeam/FAQ#Official_Support
More Information

Updated: 2019-12-05 19:54:00 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)