漏洞标题
N/A
漏洞描述信息
在Xen 4.12.x版本中发现一个问题,导致x86 HVM/PVH guest OS用户引起服务拒绝( guest OS崩溃)。请参阅XSA-260关于MovSS阴影的背景。请参阅XSA-156关于#DB拦截的必要性的背景。VMX VMEntry检查不喜欢在#DB被拦截、单步运行是活动、并被 STI/MovSS阻止时产生的确切状态组合,尽管这是合法的。 resulting的VMEntry失败对 guest 是致命的。HVM/PVH guest用户空间代码可能能够崩溃 guest,导致 guest 服务拒绝。所有版本的Xen都受到影响。仅支持VMX硬件虚拟扩展(Intel, Cyrix 或赵新恩 CPU)的系统受到影响。 Arm 和 AMD系统不受影响。仅受影响的 HVM/PVH guests。 PV guests 无法利用这个漏洞。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
An issue was discovered in Xen through 4.12.x allowing x86 HVM/PVH guest OS users to cause a denial of service (guest OS crash) because VMX VMEntry checks mishandle a certain case. Please see XSA-260 for background on the MovSS shadow. Please see XSA-156 for background on the need for #DB interception. The VMX VMEntry checks do not like the exact combination of state which occurs when #DB in intercepted, Single Stepping is active, and blocked by STI/MovSS is active, despite this being a legitimate state to be in. The resulting VMEntry failure is fatal to the guest. HVM/PVH guest userspace code may be able to crash the guest, resulting in a guest Denial of Service. All versions of Xen are affected. Only systems supporting VMX hardware virtual extensions (Intel, Cyrix, or Zhaoxin CPUs) are affected. Arm and AMD systems are unaffected. Only HVM/PVH guests are affected. PV guests cannot leverage the vulnerability.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
Xen 输入验证错误漏洞
漏洞描述信息
Xen是英国剑桥大学的一款开源的虚拟机监视器产品。该产品能够使不同和不兼容的操作系统运行在同一台计算机上,并支持在运行时进行迁移,保证正常运行并且避免宕机。 Xen 4.12.x及之前版本中存在输入验证错误漏洞,该漏洞源于程序没有正确处理系统状态。攻击者可利用该漏洞导致虚拟机操作系统崩溃(拒绝服务)。
CVSS信息
N/A
漏洞类别
输入验证错误