CVE-2012-2934

Published: 03 December 2012

Xen 4.0, and 4.1, when running a 64-bit PV guest on "older" AMD CPUs, does not properly protect against a certain AMD processor bug, which allows local guest OS users to cause a denial of service (host hang) via sequential execution of instructions across a non-canonical boundary, a different vulnerability than CVE-2012-0217.

Priority

Low

Status

Package Release Status
xen
Launchpad, Ubuntu, Debian
Upstream
Released (4.1.3~rc1+hg-20120614.a9c0a89c08f2-2)
Ubuntu 14.04 ESM (Trusty Tahr) Not vulnerable
(4.1.3~rc1+hg-20120614.a9c0a89c08f2-4ubuntu1)
Patches:
Vendor: http://www.debian.org/security/2012/dsa-2501
Binaries built from this source package are in Universe and so are supported by the community.
xen-3.1
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Binaries built from this source package are in Universe and so are supported by the community.
xen-3.2
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Binaries built from this source package are in Universe and so are supported by the community.
xen-3.3
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Binaries built from this source package are in Universe and so are supported by the community.