Xen AMD Processing Flaw Lets Local Guest System Users Deny Service
|
|
SecurityTracker Alert ID: 1027168 |
|
SecurityTracker URL: http://securitytracker.com/id/1027168
|
|
CVE Reference:
CVE-2012-2934
(Links to External Site)
|
Date: Jun 13 2012
|
Impact:
Denial of service via local system
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 3.4, 4.0, 4.1
|
Description:
A vulnerability was reported in Xen. A local user on the guest operating system can cause denial of service conditions on the target system.
On some older AMD CPUs, a local user on a 64-bit PV guest operating system can cause the processor to lock up.
Systems running only 32-bit guest kernels are not affected.
The following 130nm and 90nm (DDR1-only) AMD processors may be affected:
* First-generation AMD-Opteron(tm) single and dual core processors in either 939 or 940 packages:
** AMD Opteron(tm) 100-Series Processors
** AMD Opteron(tm) 200-Series Processors
** AMD Opteron(tm) 800-Series Processors
* AMD Athlon(tm) processors in either 754, 939 or 940 packages
* AMD Sempron(tm) processor in either 754 or 939 packages
* AMD Turion(tm) Mobile Technology in 754 package
Intel processors are not affected.
|
Impact:
A local user on the guest operating system can cause denial of service conditions on the target host system.
|
Solution:
The vendor has issued a patch.
The vendor's advisory is available at:
http://lists.xen.org/archives/html/xen-announce/2012-06/msg00002.html
|
Vendor URL: www.xen.org/ (Links to External Site)
|
Cause:
State error
|
Underlying OS:
Linux (Any)
|
|
Message History:
None.
|
Source Message Contents
|
|
|
[Original Message Not Available for Viewing]
|
|
