Red Hat Bugzilla – Bug 950686
CVE-2013-1919 kernel: xen: Several access permission issues with IRQs for unprivileged guests
Last modified: 2013-05-13 04:01:36 EDT
Various IRQ related access control operations may not have the intended effect, thus potentially permitting a stub domain to gran its client domain access to an IRQ it doesn't have access to itself.
Malicious or buggy stub domains kernels can mount a denial of service attack possibly affecting the whole system.
Only Xen systems using stub domains are vulnerable.
Only HVM guests with passed-through IRQs or PCI devices are able to exploit the vulnerability.
Red Hat would like to thank the Xen for reporting this issue.
This issue did not affect the versions of the kernel-xen package as shipped with Red Hat Enterprise Linux 5 as it has no support for stub domains.
This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG as we did not have support for Xen hypervisor.
Created xen tracking bugs for this issue
Affects: fedora-all [bug 953568]
xen-4.1.5-1.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report.
xen-4.2.2-1.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.