CVSS2: 1.9 Low

Metric | Value |
---|---|
Attack Vector | LOCAL |
Attack Complexity | MEDIUM |
Authentication | NONE |
Confidentiality Impact | NONE |
Integrity Impact | NONE |
Availability Impact | PARTIAL |

Vector: AV:L/AC:M/Au:N/C:N/I:N/A:P

EPSS: 0.001 Low (Percentile: 25.1%)

Xen 3.4, 4.0, and 4.1, when the guest OS has not registered a handler for a
syscall or sysenter instruction, does not properly clear a flag for
exception injection when injecting a General Protection Fault, which allows
local PV guest OS users to cause a denial of service (guest crash) by later
triggering an exception that would normally be handled within Xen.

It has been discovered that the code in Xen which injects this General
Protection Fault fails to clear a flag requesting exception injection, with
the result that a future exception taken by the guest and handled entirely
inside Xen will also be injected into the guest despite Xen having handled it
already, probably crashing the guest.

Author | Note |
---|---|
tyhicks | HVM (fully-virtualised) is not affected |