CVE-2013-0154
Published: 12 January 2013
The get_page_type function in xen/arch/x86/mm.c in Xen 4.2, when debugging is enabled, allows local PV or HVM guest administrators to cause a denial of service (assertion failure and hypervisor crash) via unspecified vectors related to a hypercall.
Priority
Medium
Notes
| Author | Note |
|---|---|
| mdeslaur | hypervisor packages are in universe. For issues in the hypervisor, add appropriate tags to each section, ex: Tags_xen: universe-binary |
| jdstrand | only affect Xen 4.2, and only when debugging enabled. Debugging is not enabled in Ubuntu 13.04. |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0154
- http://xforce.iss.net/xforce/xfdb/80977
- http://www.securitytracker.com/id?1027937
- http://www.openwall.com/lists/oss-security/2013/01/04/2
- http://seclists.org/oss-sec/2013/q1/att-17/xsa37-4_2.patch
- http://osvdb.org/88913
- NVD
- Launchpad
- Debian