Note:
This project will be discontinued after December 13, 2021. [more]
2018-12-08
An issue was discovered in Xen through 4.11.x on Intel x86 platforms allowing guest OS users to cause a denial of service (host OS hang) because Xen does not work around Intel's mishandling of certain HLE transactions associated with the KACQUIRE instruction prefix.
Products | Debian_linux, Xen |
Type | Improper Input Validation (CWE-20) |
First patch | - None (likely due to unavailable code) |
Links |
• http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00072.html
• https://www.debian.org/security/2019/dsa-4369 • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00057.html • https://xenbits.xen.org/xsa/advisory-282.html • https://support.citrix.com/article/CTX239432 |