CVE-2013-2212

Published: 28 August 2013

The vmx_set_uc_mode function in Xen 3.3 through 4.3, when disabling caches, allows local HVM guests with access to memory mapped I/O regions to cause a denial of service (CPU consumption and possibly hypervisor or guest kernel panic) via a crafted GFN range.

Notes

Author	Note
mdeslaur	This is XSA-60

Priority

Status

Package	Release	Status
xen Launchpad, Ubuntu, Debian	precise	Released (4.1.6.1-0ubuntu0.12.04.11)
	trusty	Does not exist (trusty was not-affected)
	upstream	Needs triage
	wily	Not vulnerable
	xenial	Not vulnerable
	Binaries built from this source package are in Universe and so are supported by the community.

References

http://xenbits.xen.org/xsa/advisory-60.html
https://www.cve.org/CVERecord?id=CVE-2013-2212
NVD
Launchpad
Debian

Bugs

https://bugs.launchpad.net/ubuntu/+source/xen/+bug/1564822

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›