Xen, Citrix XenServer: denial of service via AMD
Synthesis of the vulnerability
An attacker in a 64-bit paravirtualized guest system can use a vulnerability of some AMD processors to stop the host system.
Impacted products:
Debian, Fedora, openSUSE, RHEL, SUSE Linux Enterprise Desktop, SLES, Unix (platform).
BID-53961, CERTA-2012-AVI-328, CVE-2012-2934, DSA 2501-1, FEDORA-2012-9386, FEDORA-2012-9399, FEDORA-2012-9430, openSUSE-SU-2012:0886-1, openSUSE-SU-2012:1572-1, openSUSE-SU-2012:1573-1, RHSA-2012:0721-01, SUSE-SU-2012:0730-1, VIGILANCE-VUL-11695, XSA-9.
Description of the vulnerability
AMD announced a bug in its processors, which occurs in the following case:
- the processor is in 64-bit mode
- the code segment limit is 0xFFFF FFFF
- the last byte of the current instruction is located at 0x7FFF FFFF FFFF
- the next instruction is located at 0x8000 0000 0000
In this case, a General Protection Exception occurs.
An attacker in a 64-bit paravirtualized guest system can therefore use a vulnerability of some AMD processors to stop the host system.