Xen Para Virtualized Frame Buffer 'ioemu' Frontend Frame Buffer Denial of Service Vulnerability

Bugtraq ID:	30646
Class:	Design Error
CVE:	CVE-2008-1952
Remote:	No
Local:	Yes
Published:	Aug 11 2008 12:00AM
Updated:	Oct 01 2008 10:59PM
Credit:	Jan Lieskovsky
Vulnerable:	XenSource Xen 3.1.2 XenSource Xen 3.1.1 XenSource Xen 3.0.3 XenSource Xen 3.0 Redhat Enterprise Linux Virtualization 5 Server Redhat Enterprise Linux Desktop Multi OS 5 client Redhat Enterprise Linux Desktop 5 client Redhat Enterprise Linux 5 Server
Not Vulnerable:

Xen Para Virtualized Frame Buffer 'ioemu' Frontend Frame Buffer Denial of Service Vulnerability

Xen is prone to a local denial-of-service vulnerability.

Successfully exploiting this issue will allow attackers to crash the affected application, denying service to legitimate users.

Xen Para Virtualized Frame Buffer 'ioemu' Frontend Frame Buffer Denial of Service Vulnerability

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Xen Para Virtualized Frame Buffer 'ioemu' Frontend Frame Buffer Denial of Service Vulnerability

Solution:
The vendor has released a patch. Please see the references for more information.

Xen Para Virtualized Frame Buffer 'ioemu' Frontend Frame Buffer Denial of Service Vulnerability

References:

• (CVE-2008-1952) CVE-2008-1952 qemu/xen/kvm: ioemu: Fix PVFB backend to limit fr (Jan Lieskovsky)
  
• changeset: ioemu: Fix PVFB backend to limit frame buffer size (XenSource)
  
• Xen Project Homepage (Xen Project)
  
• RHSA-2008:0892-10 xen security and bug fix update (Red Hat)