An issue exists in Xen up to and including 4.10.x allowing x86 HVM guest OS users to cause a denial of service (unexpectedly high interrupt number, array overrun, and hypervisor crash) or possibly gain hypervisor privileges by setting up an HPET timer to deliver interrupts in IO-APIC mode, aka vHPET interrupt injection.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xen xen |
||
debian debian linux 8.0 |
||
debian debian linux 7.0 |
||
debian debian linux 9.0 |