Xen CVE-2018-12891 Local Denial of Service Vulnerability

Bugtraq ID:	104570
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2018-12891
Remote:	No
Local:	Yes
Published:	Jun 27 2018 12:00AM
Updated:	Jun 27 2018 12:00AM
Credit:	Jan Beulich of SUSE
Vulnerable:	Xen Xen 4.10 Xen Xen 4.9 Xen Xen 4.8 Xen Xen 4.7 Xen Xen 4.6 Xen Xen 4.0.4 Xen Xen 4.0.1 Xen Xen 4.9 Xen Xen 4.6.3 Xen Xen 4.5.3 Xen Xen 4.5.0 Xen Xen 4.5 Xen Xen 4.4.1 Xen Xen 4.4.0 Rc1 Xen Xen 4.4.0 - Xen Xen 4.4.0 Xen Xen 4.4 Xen Xen 4.3.1 Xen Xen 4.3.0-1 Xen Xen 4.3.0 Xen Xen 4.3 Xen Xen 4.2.3 Xen Xen 4.2.2 Xen Xen 4.2.1 Xen Xen 4.2.0 Xen Xen 4.2 Xen Xen 4.10 Xen Xen 4.1.6.1 Xen Xen 4.1.5 Xen Xen 4.1.4 Xen Xen 4.1.3 Xen Xen 4.1.2 Xen Xen 4.1.1 Xen Xen 4.1.0 Xen Xen 4.1 Xen Xen 4.0.3 Xen Xen 4.0.2 Xen Xen 4.0.0 Xen Xen 4.0 Xen Xen 3.4.4 Xen Xen 3.4.3 Xen Xen 3.4.2 Xen Xen 3.4.1 Xen Xen 3.4.0 Xen Xen 3.4
Not Vulnerable:

Xen CVE-2018-12891 Local Denial of Service Vulnerability

Xen is prone to a local denial-of-service vulnerability.

A local attacker can exploit this issue to cause a denial-of-service condition, denying service to legitimate users.

Xen CVE-2018-12891 Local Denial of Service Vulnerability

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Xen CVE-2018-12891 Local Denial of Service Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

Xen CVE-2018-12891 Local Denial of Service Vulnerability

References:

• Xen Homepage (XenSource )
  
• Bug 1590985 CVE-2018-12891 xen: preemption checks bypassed in x86 PV MM handling (Redhat)
  
• CVE-2018-12891 (Redhat)
  
• Xen Security Advisory 264 (CVE-2018-12891) - preemption checks bypassed in x86 P (Seclists.org)