Date: Mon, 23 Jun 2008 14:41:31 -0400 (EDT)
From: "Steven M. Christey" <coley@...us.mitre.org>
To: Nico Golde <oss-security+ml@...lde.de>
cc: oss-security@...ts.openwall.com, vendor-sec@....de,
        "Steven M. Christey" <coley@...re.org>
Subject: Re: New Xen ioemu: PVFB backend issue


On Thu, 19 Jun 2008, Nico Golde wrote:

> Can you take care of the remaining steps to get this on
> the mitre site or Steve could you update this? Quite some
> time passed since this was assigned :)

There was enough in the initial post, I just missed it the first time
around.

Any idea on affected Xen versions?

- Steve

======================================================
Name: CVE-2008-1952
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1952
Reference: MLIST:[Xen-devel] 20080521 [PATCH] ioemu: Fix PVFB backend to limit frame buffer size
Reference: URL:http://lists.xensource.com/archives/html/xen-devel/2008-05/msg00421.html
Reference: MLIST:[oss-security] 20080521 New Xen ioemu: PVFB backend issue
Reference: URL:http://www.openwall.com/lists/oss-security/2008/05/21/9
Reference: CONFIRM:http://xenbits.xensource.com/xen-unstable.hg?rev/9044705960cb30cec385bdca7305bcf7db096721

The backend for XenSource Xen Para Virtualized Frame Buffer (PVFB) in
Xen ioemu does not properly restrict the frame buffer size, which
allows attackers to cause a denial of service (crash) by mapping an
arbitrary amount of guest memory.

