Summary
Multiple vulnerabilities have been discovered in the Xen hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems:
CVE-2013-1918 (XSA
45
) several long latency operations are not preemptible.
Some page table manipulation operations for PV guests were not made preemptible, allowing a malicious or buggy PV guest kernel to mount a denial of service attack affecting the whole system.
CVE-2013-1952 (XSA
49
) VT-d interrupt remapping source validation flaw for bridges.
Due to missing source validation on interrupt remapping table entries for MSI interrupts set up by bridge devices, a malicious domain with access to such a device can mount a denial of service attack affecting the whole system.
CVE-2013-1964 (XSA
50
) grant table hypercall acquire/release imbalance.
When releasing a particular, non-transitive grant after doing a grant copy operation, Xen incorrectly releases an unrelated grant reference, leading possibly to a crash of the host system.
Furthermore information leakage or privilege escalation cannot be ruled out.
Solution
For the oldstable distribution (squeeze), these problems have been fixed in version 4.0.1-5.11.
For the stable distribution (wheezy), these problems have been fixed in version 4.1.4-3+deb7u1.
For the testing distribution (jessie), these problems have been fixed in version 4.1.4-4.
For the unstable distribution (sid), these problems have been fixed in version 4.1.4-4.
Note that for the stable (wheezy), testing and unstable distribution, CVE-2013-1964 (XSA
50
) was already fixed in version 4.1.4-3.
We recommend that you upgrade your xen packages.
Insight
Xen is a hypervisor providing services that allow multiple computer operating systems to execute on the same computer hardware concurrently.
Affected
xen on Debian Linux
Detection
This check tests the installed software version using the apt package manager.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2013-1918, CVE-2013-1952, CVE-2013-1964 -
CVSS Base Score: 6.9
AV:L/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities