CVE-2013-4375
Published: 19 January 2014
The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before 4.3.1, and qemu 1.1 and other versions, allows local HVM guests to cause a denial of service (domain grant reference consumption) via unspecified vectors.
Notes
Author | Note |
---|---|
jdstrand | per upstream, xen 4.2 and later per Xen team, qemu 1.1 and later |
mdeslaur | per smb, this is only in qemu packages, and we only really use the one in saucy+ This is XSA-71 introduced in c6961b7d38317fd48a8e86a8c2be4b9aeeb71ac0 quantal file location is hw/xen_disk.c |
Priority
Status
Package | Release | Status |
---|---|---|
qemu Launchpad, Ubuntu, Debian |
quantal |
Does not exist
|
lucid |
Does not exist
|
|
precise |
Does not exist
|
|
raring |
Ignored
(end of life)
|
|
saucy |
Released
(1.5.0+dfsg-3ubuntu5.3)
|
|
upstream |
Needs triage
|
|
Patches: upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=a76f48e53382e6f039db6278443e3ce437653302 |
||
qemu-kvm Launchpad, Ubuntu, Debian |
lucid |
Not vulnerable
(0.12.3+noroms-0ubuntu9.21)
|
precise |
Not vulnerable
(1.0+noroms-0ubuntu14.11)
|
|
quantal |
Released
(1.2.0+noroms-0ubuntu2.12.10.6)
|
|
raring |
Does not exist
|
|
saucy |
Does not exist
|
|
upstream |
Needs triage
|
|
Patches: upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=a76f48e53382e6f039db6278443e3ce437653302 |
||
xen Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
precise |
Not vulnerable
|
|
quantal |
Not vulnerable
(4.1.3-3ubuntu1.7)
|
|
raring |
Not vulnerable
|
|
saucy |
Not vulnerable
|
|
upstream |
Needs triage
|
|
Binaries built from this source package are in Universe and so are supported by the community. | ||
xen-3.3 Launchpad, Ubuntu, Debian |
lucid |
Not vulnerable
(3.3.0-1ubuntu11)
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
raring |
Does not exist
|
|
saucy |
Does not exist
|
|
upstream |
Needs triage
|
|
Binaries built from this source package are in Universe and so are supported by the community. |