CVE-2010-4255
Published: 25 January 2011
The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and earlier on 64-bit platforms, when paravirtualization is enabled, does not verify that kernel mode is used to call the handle_gdt_ldt_mapping_fault function, which allows guest OS users to cause a denial of service (host OS BUG_ON) via a crafted memory access.
Priority
Status
Package | Release | Status |
---|---|---|
xen Launchpad, Ubuntu, Debian |
Upstream |
Released
(4.0.1-2)
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Not vulnerable
(4.1.0-3)
|
|
Binaries built from this source package are in Universe and so are supported by the community. | ||
xen-3.1 Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
Binaries built from this source package are in Universe and so are supported by the community. | ||
xen-3.2 Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
Patches: Upstream: http://old-list-archives.xen.org/archives/html/xen-devel/2010-11/msg01650.html |
||
Binaries built from this source package are in Universe and so are supported by the community. | ||
xen-3.3 Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
Binaries built from this source package are in Universe and so are supported by the community. |