CVE-2018-5244
Published: 5 January 2018
In Xen 4.10, new infrastructure was introduced as part of an overhaul to how MSR emulation happens for guests. Unfortunately, one tracking structure isn't freed when a vcpu is destroyed. This allows guest OS administrators to cause a denial of service (host OS memory consumption) by rebooting many times.
Notes
Author | Note |
---|---|
mdeslaur | hypervisor packages are in universe. For issues in the hypervisor, add appropriate tags to each section, ex: Tags_xen: universe-binary |
Priority
CVSS 3 base score: 6.5
Status
Package | Release | Status |
---|---|---|
xen Launchpad, Ubuntu, Debian |
upstream |
Needs triage
|
precise |
Does not exist
|
|
trusty |
Does not exist
(trusty was not-affected)
|
|
xenial |
Not vulnerable
|
|
zesty |
Not vulnerable
|
|
artful |
Not vulnerable
|
|
Binaries built from this source package are in Universe and so are supported by the community. |