An issue was discovered in Xen 4.8.x through 4.10.x allowing x86 PVH guest OS users to cause a denial of service (NULL pointer dereference and hypervisor crash) by leveraging the mishandling of configurations that lack a Local APIC.
Weakness
The product dereferences a pointer that it expects to be valid but is NULL.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Xen | Xen | 4.8.0 (including) | 4.10.0 (including) |
| Xen | Ubuntu | artful | * |
| Xen | Ubuntu | cosmic | * |
| Xen | Ubuntu | disco | * |
| Xen | Ubuntu | eoan | * |
| Xen | Ubuntu | groovy | * |
| Xen | Ubuntu | hirsute | * |
| Xen | Ubuntu | impish | * |
| Xen | Ubuntu | trusty | * |
| Xen | Ubuntu | upstream | * |
Potential Mitigations
References
- http://www.securitytracker.com/id/1040776
- https://security.gentoo.org/glsa/201810-06
- https://www.debian.org/security/2018/dsa-4131
- https://xenbits.xen.org/xsa/advisory-256.html
- http://www.securitytracker.com/id/1040776
- https://security.gentoo.org/glsa/201810-06
- https://www.debian.org/security/2018/dsa-4131
- https://xenbits.xen.org/xsa/advisory-256.html