| Title | CVE-2021-28688 / Denial of Service in Hypervisor |
|---|
| Description | IMPACT
======
A malicious or buggy frontend driver may be able to cause resource leaks
from the corresponding backend driver. This can result in a host-wide
Denial of Service (DoS).
VULNERABLE SYSTEMS
==================
All Linux versions having the fix for XSA-365 applied are vulnerable.
XSA-365 was classified to affect versions back to at least 3.11.
MITIGATION
==========
Reconfiguring guests to use alternative (e.g. qemu-based) backends may
avoid the vulnerability.
Avoiding the use of persistent grants will also avoid the vulnerability.
This can be achieved by passing the "feature_persistent=0" module option
to the xen-blkback driver.
CREDITS
Affected Versions:
Citrix Systems Hypervisor <= 8.2 LTSR, Citrix Systems XenServer <= 7.0, Citrix Systems XenServer <= 7.1 LTSR CU2, Open Source Xen
Source:
https://xenbits.xen.org/xsa/advisory-371.html
https://support.citrix.com/article/CTX306565 |
|---|
| Source | https://xenbits.xen.org/xsa/advisory-371.html |
|---|
| User | CSieberg (UID 13359) |
|---|
| Submission | 04/01/2021 09:26 (5 years ago) |
|---|
| Moderation | 04/01/2021 09:50 (24 minutes later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 172065 [Xen resource consumption] |
|---|
| Points | 20 |
|---|