Xen 4.0, and 4.1, when running a 64-bit PV guest on older AMD CPUs, does not properly protect against a certain AMD processor bug, which allows local guest OS users to cause a denial of service (host hang) via sequential execution of instructions across a non-canonical boundary, a different vulnerability than CVE-2012-0217.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Xen | Xen | 4.0.0 (including) | 4.0.0 (including) |
Xen | Xen | 4.1.0 (including) | 4.1.0 (including) |
Xen | Ubuntu | oneiric | * |
Xen | Ubuntu | precise | * |
Xen | Ubuntu | upstream | * |
Xen-3.1 | Ubuntu | hardy | * |
Xen-3.2 | Ubuntu | hardy | * |
Xen-3.3 | Ubuntu | lucid | * |
Xen-3.3 | Ubuntu | natty | * |
Red Hat Enterprise Linux 5 | RedHat | kernel-0:2.6.18-308.8.2.el5 | * |