CVE-2013-4551
Published: 18 November 2013
Xen 4.2.x and 4.3.x, when nested virtualization is disabled, does not properly check the emulation paths for (1) VMLAUNCH and (2) VMRESUME, which allows local HVM guest users to cause a denial of service (host crash) via unspecified vectors related to "guest VMX instruction execution."
Notes
| Author | Note |
|---|---|
| seth-arnold | Only 4.2.x and newer are affected |
| mdeslaur | This is XSA-75 |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
xen Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
| precise |
Not vulnerable
|
|
| quantal |
Not vulnerable
|
|
| raring |
Released
(4.2.2-0ubuntu0.13.04.3)
|
|
| saucy |
Released
(4.3.0-1ubuntu1.2)
|
|
| upstream |
Needed
|
|
|
Patches: upstream: http://lists.xen.org/archives/html/xen-announce/2013-11/bin2hKX7luNN5.bin upstream: http://lists.xen.org/archives/html/xen-announce/2013-11/biniGGC75KPr1.bin |
||
| Binaries built from this source package are in Universe and so are supported by the community. | ||
|
xen-3.3 Launchpad, Ubuntu, Debian |
lucid |
Not vulnerable
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| raring |
Does not exist
|
|
| saucy |
Does not exist
|
|
| upstream |
Ignored
(end of life)
|
|
| Binaries built from this source package are in Universe and so are supported by the community. | ||