Red Hat Bugzilla – Bug 377501
CVE-2007-5906 kernel-xen 3.1.1 virtual guest system denial of service (hypervisor crash) possibility
Last modified: 2009-09-10 12:30:52 EDT
Description of problem:
Xen 3.1.1 allows virtual guest system users to cause a denial of
service (hypervisor crash) by using a debug register (DR7) to set
certain breakpoints. (CVE-2007-5906).
Will this bugzilla get the details needed to fix the bug, once those details
The official post is here -- there is also patch provided:
Note that the rebase of the Xen hypervisor to 3.1.2 in the 5.2 kernel
(RHBA-2008:0314) caused this issue to be fixed for Enterprise Linux 5. I'll
therefore update that advisory so that it references this CVE name.
This was fixed long ago in all of the relevant released, so I'll close out this tracker bug.