CVE-2012-0218

Name of the Vulnerable Software and Affected Versions Xen versions 3.4 through 4.1

Description The issue allows local PV guest OS users to cause a denial of service by triggering an exception that would normally be handled within Xen, due to a failure to properly clear a flag for exception injection when injecting a General Protection Fault. This occurs when the guest OS has not registered a handler for a syscall or sysenter instruction.

Recommendations For Xen versions 3.4 through 4.1, consider temporarily disabling the handling of unregistered syscalls or sysenter instructions as a quick mitigation measure until a patch is available. Restrict access to the vulnerable functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.