XSA-37: Hypervisor crash due to incorrect ASSERT (debug build only)

Source: Xen Project (xenbits.xen.org)
Published: 2013-01-04 16:00

CVSS2: 1.9 Low (AV:L/AC:M/Au:N/C:N/I:N/A:P)

Attack Vector: LOCAL
Attack Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

EPSS: 0.001 Low (percentile 26.7%)

ISSUE DESCRIPTION

A change to an internal interface within the hypervisor invalidated an ASSERT in a caller of that API. This code path is exposed to PV guests via a hypercall, allowing administrators of PV guests to crash the hypervisor if it is built with debugging enabled.

IMPACT

Malicious administrators of PV guests running on hypervisors built with the non-default debug=y option can crash the host.

VULNERABLE SYSTEMS

Systems running Xen 4.2 and unstable are vulnerable to this issue. Xen 4.1 and earlier are not vulnerable.
Only systems built with debugging enabled are vulnerable. Debugging is not enabled by default.
Systems running PV guests or HVM guests using stubdomains are vulnerable. Systems which run only HVM guests without stubdomains are not vulnerable.
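The first two conditions above (version and debug build) can be triaged from the text of `xl info` and `xl dmesg`. The following is an added example, not part of the Xen advisory; the function name, result strings and sample inputs are constructed, and it assumes the hypervisor boot banner (which carries `debug=y` or `debug=n`) is still in the console ring. It does not check guest types or whether the fix has been applied.

```shell
#!/bin/sh
# Added example: triage a host for XSA-37 exposure.
# xsa37_exposure INFO_TEXT DMESG_TEXT
#   INFO_TEXT  = output of `xl info`, DMESG_TEXT = output of `xl dmesg`
# Prints: not-affected-version | not-affected-non-debug |
#         debug-build-needs-fix-check | unknown
xsa37_exposure() {
    info=$1
    dmesg=$2
    # Pull "xen_major : N" / "xen_minor : N" out of the xl info text.
    major=$(printf '%s\n' "$info" |
        awk -F: '$1 ~ /^xen_major[ \t]*$/ {gsub(/[ \t]/,"",$2); print $2; exit}')
    minor=$(printf '%s\n' "$info" |
        awk -F: '$1 ~ /^xen_minor[ \t]*$/ {gsub(/[ \t]/,"",$2); print $2; exit}')
    case $major in ''|*[!0-9]*) echo unknown; return 0 ;; esac
    case $minor in ''|*[!0-9]*) echo unknown; return 0 ;; esac

    # Advisory: Xen 4.1 and earlier are not vulnerable.
    if [ "$major" -lt 4 ] || { [ "$major" -eq 4 ] && [ "$minor" -lt 2 ]; }; then
        echo not-affected-version
        return 0
    fi

    # Advisory: only builds with debugging enabled are vulnerable.
    # The boot banner line records the build's debug setting.
    banner=$(printf '%s\n' "$dmesg" | sed -n '/Xen version /{p;q;}')
    case $banner in
        *debug=y*) echo debug-build-needs-fix-check ;;
        *debug=n*) echo not-affected-non-debug ;;
        *)         echo unknown ;;   # banner rotated out of the ring, or not Xen
    esac
}

# Constructed sample input (not captured from a real host).
SAMPLE_INFO='host                   : xenhost-example
xen_major              : 4
xen_minor              : 2
xen_extra              : .0'
SAMPLE_DMESG='(XEN) Xen version 4.2.0 (builder@example.invalid) (gcc constructed-sample) debug=y Fri Jan  4 16:00:00 UTC 2013'

xsa37_exposure "$SAMPLE_INFO" "$SAMPLE_DMESG"
# On a live dom0: xsa37_exposure "$(xl info)" "$(xl dmesg)"
```

A `debug-build-needs-fix-check` result means the host meets the version and build conditions; whether it runs PV guests or HVM stubdomains, and whether the XSA-37 fix is applied, still has to be confirmed separately.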

CPE Name | Operator | Version
xen | ge | 4.2
