Upstream information

CVE-2007-5906 at MITRE

Description

Xen 3.1.1 allows virtual guest system users to cause a denial of service (hypervisor crash) by using a debug register (DR7) to set certain breakpoints.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having important severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 4.7
Vector AV:L/AC:M/Au:N/C:N/I:N/A:C
Access Vector Local
Access Complexity Medium
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Complete
SUSE Bugzilla entry: 338108 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE LINUX 10.1
  • xen >= 3.0.4_13138-0.60
  • xen-devel >= 3.0.4_13138-0.60
  • xen-doc-html >= 3.0.4_13138-0.60
  • xen-doc-pdf >= 3.0.4_13138-0.60
  • xen-doc-ps >= 3.0.4_13138-0.60
  • xen-libs >= 3.0.4_13138-0.60
  • xen-libs-32bit >= 3.0.4_13138-0.60
  • xen-tools >= 3.0.4_13138-0.60
  • xen-tools-ioemu >= 3.0.4_13138-0.60