CVE-2013-2078

Common Vulnerabilities and Exposures

Upstream information

CVE-2013-2078 at MITRE

Description

Xen 4.0.2 through 4.0.4, 4.1.x, and 4.2.x allows local PV guest users to cause a denial of service (hypervisor crash) via certain bit combinations to the XSETBV instruction.

NVD CVSS v2 Base Score: 4.7 (AV:L/AC:M/Au:N/C:N/I:N/A:C)

SUSE information

SUSE Bugzilla entries: 813673, 820920, 880227

SUSE Security Advisories:

SUSE-SU-2013:1075-1, published Tue, 25 Jun 2013 19:04:17 +0200 (CEST)
SUSE-SU-2013:1314-1, published Fri, 9 Aug 2013 16:04:13 +0200 (CEST)
openSUSE-SU-2013:1392-1, published Fri, 30 Aug 2013 16:04:11 +0200 (CEST)
openSUSE-SU-2013:1404-1, published Wed, 4 Sep 2013 15:04:10 +0200 (CEST)

List of released packages

Product(s)	Fixed package version(s)	References
SUSE Linux Enterprise Software Development Kit 11 SP2	`xen-devel >= 4.1.5_02-0.5.1`	Builds SAT Patch Nr: 7798
SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Server 11 SP2	`xen-kmp-default >= 4.1.5_02_3.0.74_0.6.10-0.5.1` `xen-kmp-pae >= 4.1.5_02_3.0.74_0.6.10-0.5.1` `xen-kmp-trace >= 4.1.5_02_3.0.74_0.6.10-0.5.1` `xen-libs >= 4.1.5_02-0.5.1` `xen-tools-domU >= 4.1.5_02-0.5.1`	Builds SAT Patch Nr: 7798
SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Server 11 SP2	`xen >= 4.1.5_02-0.5.1` `xen-doc-html >= 4.1.5_02-0.5.1` `xen-doc-pdf >= 4.1.5_02-0.5.1` `xen-kmp-default >= 4.1.5_02_3.0.74_0.6.10-0.5.1` `xen-kmp-trace >= 4.1.5_02_3.0.74_0.6.10-0.5.1` `xen-libs >= 4.1.5_02-0.5.1` `xen-libs-32bit >= 4.1.5_02-0.5.1` `xen-tools >= 4.1.5_02-0.5.1` `xen-tools-domU >= 4.1.5_02-0.5.1`	Builds SAT Patch Nr: 7798
SUSE Linux Enterprise Server 11 SP2 for VMware	`xen-kmp-trace >= 4.1.5_02_3.0.74_0.6.10-0.5.1`	Builds SAT Patch Nr: 7798
SUSE Linux Enterprise Software Development Kit 11 SP3	`xen-devel >= 4.2.2_06-0.7.1`	Builds SAT Patch Nr: 8063
SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Server 11 SP3	`xen-kmp-default >= 4.2.2_06_3.0.82_0.7-0.7.1` `xen-kmp-pae >= 4.2.2_06_3.0.82_0.7-0.7.1` `xen-libs >= 4.2.2_06-0.7.1` `xen-tools-domU >= 4.2.2_06-0.7.1`	Builds SAT Patch Nr: 8063
SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Server 11 SP3	`xen >= 4.2.2_06-0.7.1` `xen-doc-html >= 4.2.2_06-0.7.1` `xen-doc-pdf >= 4.2.2_06-0.7.1` `xen-kmp-default >= 4.2.2_06_3.0.82_0.7-0.7.1` `xen-libs >= 4.2.2_06-0.7.1` `xen-libs-32bit >= 4.2.2_06-0.7.1` `xen-tools >= 4.2.2_06-0.7.1` `xen-tools-domU >= 4.2.2_06-0.7.1`	Builds SAT Patch Nr: 8063
openSUSE 12.3	`xen >= 4.2.2_06-1.16.1` `xen-debugsource >= 4.2.2_06-1.16.1` `xen-devel >= 4.2.2_06-1.16.1` `xen-doc-html >= 4.2.2_06-1.16.1` `xen-doc-pdf >= 4.2.2_06-1.16.1` `xen-kmp-default >= 4.2.2_06_k3.7.10_1.16-1.16.1` `xen-kmp-default-debuginfo >= 4.2.2_06_k3.7.10_1.16-1.16.1` `xen-kmp-desktop >= 4.2.2_06_k3.7.10_1.16-1.16.1` `xen-kmp-desktop-debuginfo >= 4.2.2_06_k3.7.10_1.16-1.16.1` `xen-kmp-pae >= 4.2.2_06_k3.7.10_1.16-1.16.1` `xen-kmp-pae-debuginfo >= 4.2.2_06_k3.7.10_1.16-1.16.1` `xen-libs >= 4.2.2_06-1.16.1` `xen-libs-32bit >= 4.2.2_06-1.16.1` `xen-libs-debuginfo >= 4.2.2_06-1.16.1` `xen-libs-debuginfo-32bit >= 4.2.2_06-1.16.1` `xen-tools >= 4.2.2_06-1.16.1` `xen-tools-debuginfo >= 4.2.2_06-1.16.1` `xen-tools-domU >= 4.2.2_06-1.16.1` `xen-tools-domU-debuginfo >= 4.2.2_06-1.16.1`	Patchnames: openSUSE-2013-677