DSA-2544-1 xen -- denial of serviceID: oval:org.secpod.oval:def:600884 | Date: (C)2012-09-13 (M)2022-10-10 |
Class: PATCH | Family: unix |
Multiple denial of service vulnerabilities have been discovered in xen, an hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2012-3494: It was discovered that set_debugreg allows writes to reserved bits of the DR7 debug control register on amd64 paravirtualised guests, allowing a guest to crash the host. CVE-2012-3496: Matthew Daley discovered that XENMEM_populate_physmap, when called with the MEMF_populate_on_demand flag set, a BUG can be triggered if a translating paging mode is not being used, allowing a guest to crash the host.