SB2019111228 - Denial of service in Xen

Description

This security bulletin contains information about 1 security vulnerability.

1) Buffer overflow (CVE-ID: CVE-2018-12207)

The vulnerability allows a local user to perform denial of service (DoS) attack.

The vulnerability exists due to a boundary error in the mechanism responsible for error handling on some Intel platforms. A local user of a guest operating system can use a specially crafted application to trigger memory corruption and cause the host system to stop responding.

Successful exploitation of this vulnerability may result in a denial of service (DoS) attack.

Below is the list of processor families that are affected by this vulnerability:

Client:

• Intel Core i3 Processors
• Intel Core i5 Processors
• Intel Core i7 Processors
• Intel Core m Processor Family
• 2nd generation Intel Core Processors
• 3rd generation Intel Core Processors
• 4th generation Intel Core Processors
• 5th generation Intel Core Processors
• 6th generation Intel Core Processors
• 7th generation Intel Core Processors
• 8th generation Intel Core Processors
• Intel Core X-series Processor Family
• Intel Pentium Gold Processor Series
• Intel Celeron Processor G Series

Server:

• 2nd Generation Intel Xeon Scalable Processors
• Intel Xeon Scalable Processors
• Intel Xeon Processor E7 v4 Family
• Intel Xeon Processor E7 v3 Family
• Intel Xeon Processor E7 v2 Family
• Intel Xeon Processor E7 Family
• Intel Xeon Processor E5 v4 Family
• Intel Xeon Processor E5 v3 Family
• Intel Xeon Processor E5 v2 Family
• Intel Xeon Processor E5 Family
• Intel Xeon Processor E3 v6 Family
• Intel Xeon Processor E3 v5 Family
• Intel Xeon Processor E3 v4 Family
• Intel Xeon Processor E3 v3 Family
• Intel Xeon Processor E3 v2 Family
• Intel Xeon Processor E3 Family
• Intel Xeon E Processor
• Intel Xeon D Processor
• Intel Xeon W Processor
• Legacy Intel Xeon Processor

Remediation

Install update from vendor's website.

References

• https://xenbits.xen.org/xsa/advisory-304.html