The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
Synthesis of the vulnerability 
An attacker can raise a fatal exception in the page table management of Xen, in order to trigger a denial of service.
Vulnerable systems: XenDesktop, XenServer, Debian, Fedora, openSUSE, SLES, Unix (platform) ~ not comprehensive.
Severity of this threat: 1/4.
Creation date: 27/06/2013.
References for this weakness: BID-60799, CERTA-2013-AVI-394, CERTA-2013-AVI-496, CTX138134, CTX138633, CVE-2013-1432, DSA-3006-1, FEDORA-2013-11837, FEDORA-2013-11871, FEDORA-2013-11874, openSUSE-SU-2013:1392-1, openSUSE-SU-2013:1404-1, SUSE-SU-2014:0446-1, VIGILANCE-VUL-13010, XSA-58.
Description of the vulnerability 
In a Xen based system, memory page frames are managed both by Xen and by the guest systems.
Xen frees page frames when no guest system uses them anymore. However, the fix for the vulnerability described in VIGILANCE-VUL-12747 introduced an error in the reference counter handling. A malicious guest system can then make Xen free a page prematurely; the first access to that page after it has been freed raises an exception in Xen, which halts the host system.
An attacker can therefore raise a fatal exception in the page table management of Xen, in order to trigger a denial of service.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)
This security threat impacts software or systems such as XenDesktop, XenServer, Debian, Fedora, openSUSE, SLES, Unix (platform) ~ not comprehensive.
Our Vigil@nce team determined that the severity of this computer weakness note is low.
The trust level is: confirmed by the editor; the attack origin is: user console.
An attacker with expert ability can exploit this computer threat alert.
Solutions for this threat 
Xen: version 4.2.3.
The version 4.2.3 is fixed:
http://xenbits.xen.org/gitweb/?p=xen.git;a=shortlog;h=refs/heads/stable-4.2
http://www.xenproject.org/downloads/xen-archives/supported-xen-42-series/xen-423.html
Xen: version 4.1.6.1.
The version 4.1.6.1 is fixed:
http://www.xenproject.org/downloads/xen-archives/supported-xen-41-series/xen-4161.html
http://xenbits.xen.org/gitweb/?p=xen.git;a=shortlog;h=refs/heads/stable-4.1
Xen 4: patch for XSA-58.
Two patches are available in the information sources, one for Xen 4.1 and a second one for Xen 4.2.
Citrix XenClient XT: versions 2.1.3 and 3.1.4.
Versions 2.1.3 and 3.1.4 are fixed:
http://www.citrix.com/downloads/xenclient/product-software/xenclient-xt-213.html
http://www.citrix.com/downloads/xenclient/product-software/xenclient-xt-314.html
Citrix XenServer: patch for paging management.
A patch is available:
Citrix XenServer 6.2.0: http://support.citrix.com/article/CTX138349
Citrix XenServer 6.1: http://support.citrix.com/article/CTX138348
Citrix XenServer 6.0.2: http://support.citrix.com/article/CTX138347
Citrix XenServer 6.0.0: http://support.citrix.com/article/CTX138346
Links for version 5 are provided in the Citrix announcement.
Debian: new xen packages.
New packages are available:
Debian 7: xen 4.1.4-3+deb7u2
Fedora 19: new xen packages.
New packages are available:
xen-4.2.2-10.fc19
Fedora: new xen packages.
New packages are available:
Fedora 18: xen-4.2.2-10.fc18
Fedora 17: xen-4.1.5-9.fc17
openSUSE 12.2: new xen packages.
New packages are available:
xen-4.1.5_04-5.29.1
openSUSE 12.3: new xen packages.
New packages are available:
xen-4.2.2_06-1.16.1
SUSE LE 11 SP1: new xen packages.
New packages are available:
SUSE LE 11: xen 4.0.3_21548_16-0.5.1
Computer vulnerabilities tracking service 
Vigil@nce provides an application vulnerability announcement service. Each administrator can customize the list of products for which he wants to receive vulnerability alerts.