Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 07 Feb 2014 08:25:58 +0000
From: "Jan Beulich" <JBeulich@...e.com>
To: <cve-assign@...re.org>
Cc: <oss-security@...ts.openwall.com>,<security@....org>
Subject: Re: Xen Security Advisory 84 - integer overflow in several
 XSM/Flask hypercalls

>>> On 06.02.14 at 18:23, <cve-assign@...re.org> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> We can provide the three CVE assignments for XSA-84 (as well as the
> one CVE assignment for XSA-85 and the one CVE assignment for XSA-86).
> However, could you please clarify:
> 
>> http://xenbits.xen.org/xsa/advisory-84.html 
> 
>> UPDATES IN VERSION 2
>> ====================
>> 
>> Public release.
>> 
>> The patch for 4.1 was extended to cover a few further similar issues.
> 
> Here, was the original scope of "The patch for 4.1" (before it was
> extended) exclusively:
> 
>   "a different overflow issue on FLASK_{GET,SET}BOOL and expose
>    unreasonably large memory allocation to arbitrary guests"
> 
> ? Or do you mean that, originally, the "patch for 4.1" addressed
> another vulnerability, and this "different overflow issue" was one of
> the version-2 extensions to the scope of XSA-84?

The original patch was dealing with just the unbounded memory
allocation. The missing bounds checking was what the incremental
addition dealt with.

Jan

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ