Note:
This project will be discontinued after December 13, 2021. [more]
2018-12-08
An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest OS users to cause a denial of service (host OS crash) because #GP[0] can occur after a non-canonical address is passed to the TLB flushing code. NOTE: this issue exists because of an incorrect CVE-2017-5754 (aka Meltdown) mitigation.
| Products | Xenserver, Debian_linux, Xen |
| Type | ? (NVD-CWE-noinfo) |
| First patch | - None (likely due to unavailable code) |
| Links |
• https://xenbits.xen.org/xsa/advisory-279.html
• http://www.securityfocus.com/bid/106182 • https://www.debian.org/security/2019/dsa-4369 • https://support.citrix.com/article/CTX239432 • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00072.html |