No statement is currently available from the vendor regarding this vulnerability.
The issue was fixed upstream on March 23, with Linux "stable" branches fixed shortly thereafter. Therefore the following kernels (or higher) contain the patch: 4.15.14, 4.14.31, 4.9.91, 4.4.125. The older 4.1, 3.16, and 3.2 branches are also affected.
All versions of Xen are vulnerable. Only x86 systems are vulnerable. ARM systems are not vulnerable. Only x86 PV guests can exploit the vulnerability. x86 HVM and PVH guests cannot exploit the vulnerability. An attacker needs to be able to control hardware debugging facilities to exploit the vulnerability, but such permissions are typically available to unprivileged users.

MITIGATION
==========

Running only HVM or PVH guests avoids the vulnerability. Note however that a compromised device model (running in dom0 or a stub domain) can carry out this attack, so users with HVM domains are also advised to patch their systems.

RESOLUTION
==========

Applying the appropriate attached patch resolves this issue.
For the full statement, please see Xen Advisory 260.
No Zyxel products are vulnerable to unexpected operating system behavior resulting from an Intel architecture hardware debug exception, as reported in [CERT/CC] vulnerability note VU#631579 at https://www.kb.cert.org/vuls/id/631579.
Zyxel has issued Zyxel-SA-1135-01 stating that no products are affected.