The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

computer vulnerability alert CVE-2013-0190

Xen: denial of service via PVOPS xen_failsafe_callback

Synthesis of the vulnerability

When Xen uses PVOPS, an attacker who is located in a guest system can trigger an interruption, in order to stop the kernel.
Impacted products: Fedora, Linux, RHEL, Unix (platform).
Severity: 1/4.
Creation date: 16/01/2013.
Identifiers: BID-57433, CERTA-2013-AVI-045, CVE-2013-0190, FEDORA-2013-0952, FEDORA-2013-1025, RHSA-2013:0496-02, VIGILANCE-VUL-12336, XSA-40.

Description of the vulnerability

The PVOPS (ParaVirtualized OPerationS) architecture is used to start a kernel on a real (or HVM) computer, or in a paravirtualized environment.

The xen_failsafe_callback() function of the arch/x86/kernel/entry_32.S file is called when an interruption occurs (for example when the Code Selector is changed during the loading of the LDT - Local Descriptor Table). However, in PVOPS mode, this function increments twice the ESP stack pointer. As the stack is shifted, this error usually stops the kernel.

When Xen uses PVOPS, an attacker who is located in a guest system can therefore trigger an interruption, in order to stop the kernel.
Complete Vigil@nce bulletin.... (free trial)

Computer vulnerabilities tracking service

Vigil@nce provides a network vulnerability database. The Vigil@nce vulnerability database contains several thousand vulnerabilities. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications.