CVE-2015-0268

Name of the Vulnerable Software and Affected Versions Xen versions 4.5.x

Description The issue allows local guest users to cause a denial of service, resulting in a host crash, by writing an invalid value to the GICD.SGIR register. This occurs when the vgic v2 to sgi function in arch/arm/vgic-v2.c is used on ARM hardware with general interrupt controller (GIC) version 2.

Recommendations For Xen version 4.5.x, consider restricting access to the vgic v2 to sgi function in arch/arm/vgic-v2.c to prevent local guest users from writing invalid values to the GICD.SGIR register until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.