PT-2019-4846 · Xen

Published: 2019-12-11 · Updated: 2020-01-13 · CVE-2019-19582

CVSS v3.1: 6.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Xen versions prior to 4.13
Description: An issue in Xen allows x86 guest OS users to cause a denial of service (infinite loop) due to mishandled bit iteration. The hypervisor uses bitmaps to track state, and iteration over all bits can misbehave in certain corner cases, potentially resulting in an infinite loop and a hypervisor crash or hang, i.e. a Denial of Service (DoS). The issue is related to the handling of bitmaps with a compile-time known size of 64, which may incur undefined behavior on x86 accesses.
Recommendations: For Xen versions prior to 4.13, consider updating to a newer version to mitigate the risk of exploitation. As a temporary workaround, restricting access to the hypervisor functions that handle bit iteration may help reduce the risk of a denial of service; however, the exact functions or parameters to restrict are not specified, so apply any such mitigation with caution.
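The bug class behind this record is bit iteration over a bitmap whose width is exactly 64: any mask or loop bound computed as `1ULL << width` (or `(1ULL << width) - 1`) is undefined behaviour in C when width is 64, and on x86 the shift count is typically masked to 6 bits, so the expression can silently evaluate to 1 and leave an iteration loop without a reachable end condition. The following C is an added illustration written for this page; it is not Xen's code and does not reproduce the specific hypervisor paths fixed in 4.13. It shows the bounded pattern a reviewer would look for: every shift is guarded for the full-width case, and the "find next bit" helper returns the width itself (never a larger index) when nothing is left, so the caller's loop must terminate. Names (`low_bits_mask`, `find_next_set_bit`, `count_set_bits`) and the sample bitmaps are constructed for the example.

```c
/* Added illustration (not Xen code): safe iteration over a bitmap whose
 * width is exactly 64 bits.  A naive "(1ULL << nbits) - 1" mask hits
 * undefined behaviour when nbits == 64; on x86 the hardware masks the shift
 * count to 6 bits, so 1ULL << 64 typically yields 1 and the mask becomes 0,
 * which can make a "find next bit" loop never reach its end condition.
 * The helpers below bound every shift explicitly. */
#include <stdint.h>
#include <stdio.h>

#define BITMAP_BITS 64u   /* compile-time known width, the corner case in question */

/* Mask selecting the low n bits of a 64-bit word, valid for 0 <= n <= 64. */
static uint64_t low_bits_mask(unsigned n)
{
    if (n >= 64)            /* shifting a 64-bit value by 64 is UB: handle it explicitly */
        return UINT64_MAX;
    return (UINT64_C(1) << n) - 1;
}

/* Index of the first set bit at position >= start, or nbits if there is none.
 * Returning exactly nbits (never beyond it) guarantees the caller's loop ends. */
static unsigned find_next_set_bit(uint64_t bitmap, unsigned nbits, unsigned start)
{
    if (nbits > 64)
        nbits = 64;
    if (start >= nbits)
        return nbits;
    /* Drop bits below start, then drop bits at or above nbits. */
    uint64_t w = bitmap & ~low_bits_mask(start) & low_bits_mask(nbits);
    if (w == 0)
        return nbits;
    return (unsigned)__builtin_ctzll(w);   /* GCC/Clang builtin: count trailing zeros */
}

/* Count set bits by iteration, the way a for_each_set_bit-style loop would.
 * The loop bound is the explicit width, never a shifted sentinel. */
static unsigned count_set_bits(uint64_t bitmap, unsigned nbits)
{
    unsigned count = 0;
    for (unsigned i = find_next_set_bit(bitmap, nbits, 0);
         i < nbits;
         i = find_next_set_bit(bitmap, nbits, i + 1))
        count++;
    return count;
}

int main(void)
{
    /* Constructed sample inputs: an all-ones 64-bit bitmap and one with only bit 63 set. */
    uint64_t all_ones = UINT64_MAX;
    uint64_t top_bit  = UINT64_C(1) << 63;

    printf("low_bits_mask(64) = %016llx\n", (unsigned long long)low_bits_mask(64));
    printf("set bits in all-ones, width 64: %u\n", count_set_bits(all_ones, BITMAP_BITS));
    printf("set bits in bit-63-only, width 64: %u\n", count_set_bits(top_bit, BITMAP_BITS));
    return 0;
}
```

The point of the shape is that `find_next_set_bit` can only ever return a value in `[0, nbits]`, so the `i < nbits` test is the sole termination condition and it does not depend on any shifted constant being correct at width 64.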

Tags: Fix · DoS · Infinite Loop


Weakness Enumeration

Related Identifiers

BDU:2020-01430
CVE-2019-19582
DSA-4602-1
OPENSUSE-SU-2020:0011-1
SUSE-SU-2019:3296-1
SUSE-SU-2019:3297-1
SUSE-SU-2019:3309-1
SUSE-SU-2019:3310-1
SUSE-SU-2019:3338-1

Affected Products

Suse
Xen