common/spinlock.c in Xen 4.4.x and earlier does not properly handle read and write locks, which allows local x86 guest users to cause a denial of service (write denial or NMI watchdog timeout and host crash) via a large number of read requests, a different vulnerability to CVE-2014-9066.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "4.4.1-0ubuntu0.14.04.4", "binary_name": "libxen-4.4" }, { "binary_version": "4.4.1-0ubuntu0.14.04.4", "binary_name": "libxen-dev" }, { "binary_version": "4.4.1-0ubuntu0.14.04.4", "binary_name": "libxen-ocaml" }, { "binary_version": "4.4.1-0ubuntu0.14.04.4", "binary_name": "libxen-ocaml-dev" }, { "binary_version": "4.4.1-0ubuntu0.14.04.4", "binary_name": "libxenstore3.0" }, { "binary_version": "4.4.1-0ubuntu0.14.04.4", "binary_name": "xen-hypervisor-4.1-amd64" }, { "binary_version": "4.4.1-0ubuntu0.14.04.4", "binary_name": "xen-hypervisor-4.3-amd64" }, { "binary_version": "4.4.1-0ubuntu0.14.04.4", "binary_name": "xen-hypervisor-4.3-armhf" }, { "binary_version": "4.4.1-0ubuntu0.14.04.4", "binary_name": "xen-hypervisor-4.4-amd64" }, { "binary_version": "4.4.1-0ubuntu0.14.04.4", "binary_name": "xen-hypervisor-4.4-arm64" }, { "binary_version": "4.4.1-0ubuntu0.14.04.4", "binary_name": "xen-hypervisor-4.4-armhf" }, { "binary_version": "4.4.1-0ubuntu0.14.04.4", "binary_name": "xen-system-amd64" }, { "binary_version": "4.4.1-0ubuntu0.14.04.4", "binary_name": "xen-system-arm64" }, { "binary_version": "4.4.1-0ubuntu0.14.04.4", "binary_name": "xen-system-armhf" }, { "binary_version": "4.4.1-0ubuntu0.14.04.4", "binary_name": "xen-utils-4.4" }, { "binary_version": "4.4.1-0ubuntu0.14.04.4", "binary_name": "xen-utils-common" }, { "binary_version": "4.4.1-0ubuntu0.14.04.4", "binary_name": "xenstore-utils" } ] }