Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and earlier on 64-bit platforms, when paravirtualization is enabled, does not verify that kernel mode is used to call the handle_gdt_ldt_mapping_fault function, which allows guest OS users to cause a denial of service (host OS BUG_ON) via a crafted memory access.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Citrix Xen arch/x86/traps.c文件拒绝服务漏洞
Vulnerability Description
Xen是英国剑桥大学开发的一款开源的虚拟机监视器产品。该产品能够使不同和不兼容的操作系统运行在同一台计算机上,并支持在运行时进行迁移,保证正常运行并且避免宕机。 当paravirtualization启用时,基于64位平台的Xen 4.0.1及之前版本中的arch/x86/traps.c文件中的fixup_page_fault函数没有验证用于调用handle_gdt_ldt_mapping_fault函数的内核模式。访客操作系统用户可以借助特制内存访问导致拒绝服务(主机操作系统BUG_ON)。
CVSS Information
N/A
Vulnerability Type
N/A