Back

CVE-2024-45817

Sept. 25, 2024, 11:15 a.m.

Received
CVE has been recently published to the CVE List and has been received by the NVD.

Products

Xen Hypervisor

Source

security@xen.org

Tags

security@xen.org
2024-09-25
CVE-2024-45817

CVE-2024-45817 details

Published : Sept. 25, 2024, 11:15 a.m.
Last Modified : Sept. 25, 2024, 11:15 a.m.

Description

In x86's APIC (Advanced Programmable Interrupt Controller) architecture, error conditions are reported in a status register. Furthermore, the OS can opt to receive an interrupt when a new error occurs. It is possible to configure the error interrupt with an illegal vector, which generates an error when an error interrupt is raised. This case causes Xen to recurse through vlapic_error(). The recursion itself is bounded; errors accumulate in the the status register and only generate an interrupt when a new status bit becomes set. However, the lock protecting this state in Xen will try to be taken recursively, and deadlock.

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

References

URL Source
https://xenbits.xenproject.org/xsa/advisory-462.html security@xen.org
This website uses the NVD API, but is not approved or certified by it.