Note:
This project will be discontinued after December 13, 2021. [more]
2019-10-08
An issue was discovered in drivers/xen/balloon.c in the Linux kernel before 5.2.3, as used in Xen through 4.12.x, allowing guest OS users to cause a denial of service because of unrestricted resource consumption during the mapping of guest memory, aka CID-6ef36ab967c7.
Products | Linux_kernel, Xen |
Type | Uncontrolled Resource Consumption (CWE-400) |
First patch | - None (likely due to unavailable code) |
Links |
• https://xenbits.xen.org/xsa/advisory-300.html
• https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.3 • https://github.com/torvalds/linux/commit/6ef36ab967c71690ebe7e5ef997a8be4da3bc844 • http://www.openwall.com/lists/oss-security/2019/10/25/9 |