Описание
Xen 3.3.x through 4.5.x does not properly restrict write access to the host MSI message data field, which allows local x86 HVM guest administrators to cause a denial of service (host interrupt handling confusion) via vectors related to qemu and accessing spanning multiple fields.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| qemu | fixed | 1:2.3+dfsg-5 | package | |
| qemu | not-affected | wheezy | package | |
| qemu | not-affected | squeeze | package | |
| qemu-kvm | not-affected | package | ||
| xen | fixed | 4.4.0-1 | package | |
| xen | end-of-life | squeeze | package |
Примечания
Xen switched to qemu-system in 4.4.0-1
http://xenbits.xen.org/xsa/advisory-128.html
EPSS
Связанные уязвимости
Xen 3.3.x through 4.5.x does not properly restrict write access to the host MSI message data field, which allows local x86 HVM guest administrators to cause a denial of service (host interrupt handling confusion) via vectors related to qemu and accessing spanning multiple fields.
Xen 3.3.x through 4.5.x does not properly restrict write access to the host MSI message data field, which allows local x86 HVM guest administrators to cause a denial of service (host interrupt handling confusion) via vectors related to qemu and accessing spanning multiple fields.
Xen 3.3.x through 4.5.x does not properly restrict write access to the host MSI message data field, which allows local x86 HVM guest administrators to cause a denial of service (host interrupt handling confusion) via vectors related to qemu and accessing spanning multiple fields.
Xen 3.3.x through 4.5.x does not properly restrict write access to the host MSI message data field, which allows local x86 HVM guest administrators to cause a denial of service (host interrupt handling confusion) via vectors related to qemu and accessing spanning multiple fields.
Уязвимость гипервизора Xen, позволяющая нарушителю вызвать отказ обслуживании хостовой операционной системы
EPSS