Your submission was sent successfully! Close

CVE-2013-4375

Published: 19 January 2014

The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before 4.3.1, and qemu 1.1 and other versions, allows local HVM guests to cause a denial of service (domain grant reference consumption) via unspecified vectors.

Priority

Medium

Status

Package Release Status
qemu
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

quantal Does not exist

raring Ignored
(reached end-of-life)
saucy
Released (1.5.0+dfsg-3ubuntu5.3)
upstream Needs triage

Patches:
upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=a76f48e53382e6f039db6278443e3ce437653302

qemu-kvm
Launchpad, Ubuntu, Debian
lucid Not vulnerable
(0.12.3+noroms-0ubuntu9.21)
precise Not vulnerable
(1.0+noroms-0ubuntu14.11)
quantal
Released (1.2.0+noroms-0ubuntu2.12.10.6)
raring Does not exist

saucy Does not exist

upstream Needs triage

Patches:

upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=a76f48e53382e6f039db6278443e3ce437653302
xen
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Not vulnerable

quantal Not vulnerable
(4.1.3-3ubuntu1.7)
raring Not vulnerable

saucy Not vulnerable

upstream Needs triage

Binaries built from this source package are in Universe and so are supported by the community.
xen-3.3
Launchpad, Ubuntu, Debian
lucid Not vulnerable
(3.3.0-1ubuntu11)
precise Does not exist

quantal Does not exist

raring Does not exist

saucy Does not exist

upstream Needs triage

Binaries built from this source package are in Universe and so are supported by the community.

Notes

AuthorNote
jdstrand
per upstream, xen 4.2 and later
per Xen team, qemu 1.1 and later
mdeslaur
per smb, this is only in qemu packages, and we only really use
the one in saucy+
This is XSA-71
introduced in c6961b7d38317fd48a8e86a8c2be4b9aeeb71ac0
quantal file location is hw/xen_disk.c

References