CVE-2013-0190

Published: 16 January 2013

The xen_failsafe_callback function in Xen for the Linux kernel 2.6.23 and other versions, when running a 32-bit PVOPS guest, allows local users to cause a denial of service (guest crash) by triggering an iret fault, leading to use of an incorrect stack pointer and stack corruption.

From the Ubuntu security team

Andrew Cooper of Citrix reported a Xen stack corruption in the Linux kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest kernel to crash, or operate erroneously.

Priority

Medium

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
Upstream
Released (3.8~rc5)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(4.2.0-16.19)
Ubuntu 14.04 ESM (Trusty Tahr) Not vulnerable
(3.11.0-12.19)
Ubuntu 12.04 ESM (Precise Pangolin)
Released (3.2.0-39.62)
Patches:
Other: http://seclists.org/oss-sec/2013/q1/att-96/xsa40.patch
Introduced by 5ead97c84fa7d63a6a7a2f4e9f18f452bd109045
Fixed by 9174adbee4a9a49d0139f5d71969852b36720809
linux-armadaxp
Launchpad, Ubuntu, Debian
Upstream
Released (3.8~rc5)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Ubuntu 12.04 ESM (Precise Pangolin) Does not exist
(precise was not-affected [XEN specific issue])
This package is not directly supported by the Ubuntu Security Team
linux-aws
Launchpad, Ubuntu, Debian
Upstream
Released (3.8~rc5)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(4.4.0-1001.10)
Ubuntu 14.04 ESM (Trusty Tahr) Not vulnerable
(4.4.0-1002.2)
Ubuntu 12.04 ESM (Precise Pangolin) Does not exist

linux-ec2
Launchpad, Ubuntu, Debian
Upstream
Released (3.8~rc5)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Ubuntu 12.04 ESM (Precise Pangolin) Does not exist

linux-flo
Launchpad, Ubuntu, Debian
Upstream
Released (3.8~rc5)
Ubuntu 16.04 LTS (Xenial Xerus) Ignored
(abandoned)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was ignored [was needed now end-of-life])
Ubuntu 12.04 ESM (Precise Pangolin) Does not exist

linux-fsl-imx51
Launchpad, Ubuntu, Debian
Upstream
Released (3.8~rc5)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Ubuntu 12.04 ESM (Precise Pangolin) Does not exist

linux-gke
Launchpad, Ubuntu, Debian
Upstream
Released (3.8~rc5)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(4.4.0-1003.3)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Ubuntu 12.04 ESM (Precise Pangolin) Does not exist

linux-goldfish
Launchpad, Ubuntu, Debian
Upstream
Released (3.8~rc5)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(3.4.0-4.27)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was ignored [was needed now end-of-life])
Ubuntu 12.04 ESM (Precise Pangolin) Does not exist

linux-grouper
Launchpad, Ubuntu, Debian
Upstream
Released (3.8~rc5)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was ignored [abandoned])
Ubuntu 12.04 ESM (Precise Pangolin) Does not exist

linux-hwe
Launchpad, Ubuntu, Debian
Upstream
Released (3.8~rc5)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(4.8.0-36.36~16.04.1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Ubuntu 12.04 ESM (Precise Pangolin) Does not exist

linux-hwe-edge
Launchpad, Ubuntu, Debian
Upstream
Released (3.8~rc5)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(4.8.0-36.36~16.04.1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Ubuntu 12.04 ESM (Precise Pangolin) Does not exist

linux-linaro-omap
Launchpad, Ubuntu, Debian
Upstream
Released (3.8~rc5)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Ubuntu 12.04 ESM (Precise Pangolin) Does not exist
(precise was ignored [abandoned])
linux-linaro-shared
Launchpad, Ubuntu, Debian
Upstream
Released (3.8~rc5)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Ubuntu 12.04 ESM (Precise Pangolin) Does not exist
(precise was ignored [abandoned])
linux-linaro-vexpress
Launchpad, Ubuntu, Debian
Upstream
Released (3.8~rc5)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Ubuntu 12.04 ESM (Precise Pangolin) Does not exist
(precise was ignored [abandoned])
linux-lts-backport-maverick
Launchpad, Ubuntu, Debian
Upstream
Released (3.8~rc5)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Ubuntu 12.04 ESM (Precise Pangolin) Does not exist

linux-lts-backport-oneiric
Launchpad, Ubuntu, Debian
Upstream
Released (3.8~rc5)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Ubuntu 12.04 ESM (Precise Pangolin) Does not exist

linux-lts-quantal
Launchpad, Ubuntu, Debian
Upstream
Released (3.8~rc5)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Ubuntu 12.04 ESM (Precise Pangolin) Does not exist
(precise was released [3.5.0-26.42~precise1])
Patches:
DNE
linux-lts-raring
Launchpad, Ubuntu, Debian
Upstream
Released (3.8~rc5)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Ubuntu 12.04 ESM (Precise Pangolin) Does not exist
(precise was not-affected [3.8.0-19.30~precise1])
linux-lts-trusty
Launchpad, Ubuntu, Debian
Upstream
Released (3.8~rc5)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Ubuntu 12.04 ESM (Precise Pangolin) Not vulnerable
(3.13.0-24.46~precise1)
linux-lts-utopic
Launchpad, Ubuntu, Debian
Upstream
Released (3.8~rc5)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected [3.16.0-25.33~14.04.2])
Ubuntu 12.04 ESM (Precise Pangolin) Does not exist

linux-lts-vivid
Launchpad, Ubuntu, Debian
Upstream
Released (3.8~rc5)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected [3.19.0-18.18~14.04.1])
Ubuntu 12.04 ESM (Precise Pangolin) Does not exist

linux-lts-wily
Launchpad, Ubuntu, Debian
Upstream
Released (3.8~rc5)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected [4.2.0-18.22~14.04.1])
Ubuntu 12.04 ESM (Precise Pangolin) Does not exist

linux-lts-xenial
Launchpad, Ubuntu, Debian
Upstream
Released (3.8~rc5)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Not vulnerable
(4.4.0-13.29~14.04.1)
Ubuntu 12.04 ESM (Precise Pangolin) Does not exist

linux-maguro
Launchpad, Ubuntu, Debian
Upstream
Released (3.8~rc5)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was ignored [abandoned])
Ubuntu 12.04 ESM (Precise Pangolin) Does not exist

linux-mako
Launchpad, Ubuntu, Debian
Upstream
Released (3.8~rc5)
Ubuntu 16.04 LTS (Xenial Xerus) Ignored
(abandoned)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was ignored [was needed now end-of-life])
Ubuntu 12.04 ESM (Precise Pangolin) Does not exist

linux-manta
Launchpad, Ubuntu, Debian
Upstream
Released (3.8~rc5)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected [3.4.0-5.22])
Ubuntu 12.04 ESM (Precise Pangolin) Does not exist

linux-mvl-dove
Launchpad, Ubuntu, Debian
Upstream
Released (3.8~rc5)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Ubuntu 12.04 ESM (Precise Pangolin) Does not exist

linux-qcm-msm
Launchpad, Ubuntu, Debian
Upstream
Released (3.8~rc5)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Ubuntu 12.04 ESM (Precise Pangolin) Does not exist
(precise was ignored [abandoned])
linux-raspi2
Launchpad, Ubuntu, Debian
Upstream
Released (3.8~rc5)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(4.2.0-1013.19)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Ubuntu 12.04 ESM (Precise Pangolin) Does not exist

linux-snapdragon
Launchpad, Ubuntu, Debian
Upstream
Released (3.8~rc5)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(4.4.0-1012.12)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Ubuntu 12.04 ESM (Precise Pangolin) Does not exist

linux-ti-omap4
Launchpad, Ubuntu, Debian
Upstream
Released (3.8~rc5)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Ubuntu 12.04 ESM (Precise Pangolin) Does not exist
(precise was not-affected [XEN specific issue])