Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2010-4247

Published: 10 January 2011

The do_block_io_op function in (1) drivers/xen/blkback/blkback.c and (2) drivers/xen/blktap/blktap.c in Xen before 3.4.0 for the Linux kernel 2.6.18, and possibly other versions, allows guest OS users to cause a denial of service (infinite loop and CPU consumption) via a large production request index to the blkback or blktap back-end drivers. NOTE: some of these details are obtained from third party information.

From the Ubuntu Security Team

It was discovered that Xen did not correctly handle certain block requests. A local attacker in a Xen guest could cause the Xen host to use all available CPU resources, leading to a denial of service.

Notes

AuthorNote
jdstrand
xen-3.1 has linux-2.6-xen-sparse/drivers/xen/blkback/blkback.c, but
xen-3.2 and xen-3.3 do not
marking dapper task as ignored since we no longer support xen
userspace on Dapper anyway
smb
My feeling is that xen-3.1 has code affected, but does not package
that up. That would make only Hardy kernel code truely affected.
Oneiric not-affected for now (not containing blkback) and when we
move to upstream v3.0 is is fixed there.

Priority

Medium

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy
Released (2.6.24-29.91)
karmic Ignored

lucid Not vulnerable

maverick Not vulnerable

natty Not vulnerable

upstream
Released
Patches:
other: http://xenbits.xensource.com/hg/linux-2.6.18-xen.hg/rev/77f831cbb91d
other: http://xenbits.xensource.com/hg/linux-2.6.18-xen.hg/rev/7070d34f251c
linux-ec2
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy Does not exist

karmic Ignored
(end of life)
lucid Not vulnerable
(no dom0 support)
maverick Ignored
(end of life)
natty Does not exist

upstream Not vulnerable

linux-fsl-imx51
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy Does not exist

karmic Ignored
(end of life)
lucid Not vulnerable

maverick Does not exist

natty Does not exist

upstream Not vulnerable

linux-lts-backport-maverick
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy Does not exist

karmic Does not exist

lucid Not vulnerable

maverick Does not exist

natty Does not exist

upstream Not vulnerable

linux-lts-backport-natty
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Not vulnerable

maverick Does not exist

natty Does not exist

upstream Needs triage

linux-mvl-dove
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy Does not exist

karmic Ignored
(end of life)
lucid Not vulnerable

maverick Not vulnerable

natty Does not exist

upstream Not vulnerable

linux-source-2.6.15
Launchpad, Ubuntu, Debian
dapper Ignored

hardy Does not exist

karmic Does not exist

lucid Does not exist

maverick Does not exist

natty Does not exist

upstream Ignored

linux-ti-omap4
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy Does not exist

karmic Does not exist

lucid Does not exist

maverick Not vulnerable

natty Not vulnerable

upstream Not vulnerable

xen-3.1
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy Not vulnerable
(not using the kernel driver part)
karmic Does not exist

lucid Does not exist

maverick Does not exist

natty Does not exist

upstream Needed