Debian DSA-2544-1 : xen - denial of service

medium Nessus Plugin ID 62015

Synopsis

The remote Debian host is missing a security-related update.

Description

Multiple denial of service vulnerabilities have been discovered in Xen, an hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems :

- CVE-2012-3494 :
It was discovered that set_debugreg allows writes to reserved bits of the DR7 debug control register on amd64 (x86-64) paravirtualised guests, allowing a guest to crash the host.

- CVE-2012-3496 :
Matthew Daley discovered that XENMEM_populate_physmap, when called with the MEMF_populate_on_demand flag set, a BUG (detection routine) can be triggered if a translating paging mode is not being used, allowing a guest to crash the host.

Solution

Upgrade the xen packages.

For the stable distribution (squeeze), these problems have been fixed in version 4.0.1-5.4.

See Also

https://security-tracker.debian.org/tracker/CVE-2012-3494

https://security-tracker.debian.org/tracker/CVE-2012-3496

https://packages.debian.org/source/squeeze/xen

https://www.debian.org/security/2012/dsa-2544

Plugin Details

Severity: Medium

ID: 62015

File Name: debian_DSA-2544.nasl

Version: 1.12

Type: local

Agent: unix

Published: 9/10/2012

Updated: 1/11/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 4.7

Temporal Score: 3.5

Vector: AV:L/AC:M/Au:N/C:N/I:N/A:C

Temporal Vector: E:U/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:xen, cpe:/o:debian:debian_linux:6.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Ease: No known exploits are available

Patch Publication Date: 9/8/2012

Reference Information

CVE: CVE-2012-3494, CVE-2012-3496

BID: 55400, 55412

DSA: 2544