UBUNTU-CVE-2018-15468

See a problem?

Source

https://ubuntu.com/security/notices/UBUNTU-CVE-2018-15468

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-15468.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2018-15468

Related

CVE-2018-15468

Published

2018-08-17T18:29:00Z

Modified

2018-08-17T18:29:00Z

Severity

6.0 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

An issue was discovered in Xen through 4.11.x. The DEBUGCTL MSR contains several debugging features, some of which virtualise cleanly, but some do not. In particular, Branch Trace Store is not virtualised by the processor, and software has to be careful to configure it suitably not to lock up the core. As a result, it must only be available to fully trusted guests. Unfortunately, in the case that vPMU is disabled, all value checking was skipped, allowing the guest to choose any MSR_DEBUGCTL setting it likes. A malicious or buggy guest administrator (on Intel x86 HVM or PVH) can lock up the entire host, causing a Denial of Service.

References

Affected packages

Ubuntu:Pro:16.04:LTS / xen

Package

Name: xen

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.5.1-0ubuntu1

4.5.1-0ubuntu2

4.6.0-1ubuntu1

4.6.0-1ubuntu2

4.6.0-1ubuntu4

4.6.0-1ubuntu4.1

4.6.0-1ubuntu4.2

4.6.0-1ubuntu4.3

4.6.5-0ubuntu1

4.6.5-0ubuntu1.1

4.6.5-0ubuntu1.2

4.6.5-0ubuntu1.4

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:Pro:18.04:LTS / xen

Package

Name: xen

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.9.0-0ubuntu3

4.9.0-0ubuntu4

4.9.2-0ubuntu1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}