vulnerability alert CVE-2013-0190
Xen: denial of service via PVOPS xen_failsafe_callback
Synthesis of the vulnerability
When Xen uses PVOPS, an attacker who is located in a guest system can trigger an interruption, in order to stop the kernel.Impacted products:
Fedora, Linux, RHEL, Unix (platform).
BID-57433, CERTA-2013-AVI-045, CVE-2013-0190, FEDORA-2013-0952, FEDORA-2013-1025, RHSA-2013:0496-02, VIGILANCE-VUL-12336, XSA-40.
Description of the vulnerability
The PVOPS (ParaVirtualized OPerationS) architecture is used to start a kernel on a real (or HVM) computer, or in a paravirtualized environment.
The xen_failsafe_callback() function of the arch/x86/kernel/entry_32.S file is called when an interruption occurs (for example when the Code Selector is changed during the loading of the LDT - Local Descriptor Table). However, in PVOPS mode, this function increments twice the ESP stack pointer. As the stack is shifted, this error usually stops the kernel.
When Xen uses PVOPS, an attacker who is located in a guest system can therefore trigger an interruption, in order to stop the kernel.Complete Vigil@nce bulletin....
Share this bulletin
Computer vulnerabilities tracking service
Vigil@nce provides a network vulnerability database
. The Vigil@nce vulnerability database contains several thousand vulnerabilities. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications.