Bug 377501 (CVE-2007-5906) - CVE-2007-5906 kernel-xen 3.1.1 virtual guest system denial of service (hypervisor crash) possibility
Summary: CVE-2007-5906 kernel-xen 3.1.1 virtual guest system denial of service (hyperv...
Status: CLOSED CURRENTRELEASE
Alias: CVE-2007-5906
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
(Show other bugs)
Version: unspecified
Hardware: All Linux
low
medium
Target Milestone: ---
Assignee: Bill Burns
QA Contact:
URL:
Whiteboard: impact=important,source=cve,reported=...
Keywords: Security
Depends On: 386901 386911 390091 390101 390111 390121
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-11-12 10:53 UTC by Jan Lieskovsky
Modified: 2009-09-10 16:30 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-09-10 16:30:52 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Jan Lieskovsky 2007-11-12 10:53:47 UTC
Description of problem:

Xen 3.1.1 allows virtual guest system users to cause a denial of
service (hypervisor crash) by using a debug register (DR7) to set
certain breakpoints. (CVE-2007-5906).

Comment 1 Rik van Riel 2007-11-12 17:19:44 UTC
Will this bugzilla get the details needed to fix the bug, once those details
become available?

Comment 3 Jan Lieskovsky 2007-11-16 14:57:18 UTC
The official post is here -- there is also patch provided: 
 
http://lists.xensource.com/archives/html/xen-devel/2007-10/msg01048.html 

Comment 5 Mark J. Cox 2008-06-25 11:02:25 UTC
Note that the rebase of the Xen hypervisor to 3.1.2 in the 5.2 kernel
(RHBA-2008:0314) caused this issue to be fixed for Enterprise Linux 5.  I'll
therefore update that advisory so that it references this CVE name.

Comment 6 Chris Lalancette 2009-09-10 16:30:52 UTC
This was fixed long ago in all of the relevant released, so I'll close out this tracker bug.

Chris Lalancette


Note You need to log in before you can comment on or make changes to this bug.