Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 24 Mar 2014 15:47:07 -0400 (EDT)
From: cve-assign@...re.org
To: security@....org
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: Xen Security Advisory 90 - Linux netback crash trying to disable due to malformed packet

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> XSA-90

> it tries to disable the interface ... This involves taking a mutex ...
> sleeping is not allowed ... The end result is that the backend domain
> (often, Dom0) crashes with "scheduling while atomic". Malicious guest
> administrators can cause denial of service.

Use CVE-2014-2580.

> This bug was publicly reported on xen-devel, before it was appreciated
> that there was a security problem. The public mailing list thread
> nevertheless contains information strongly suggestive of a security
> bug, and a different security bug (with CVE) is suggested as seeming
> "similar".

We didn't happen to notice a CVE ID of a similar bug within xen-devel.
In some cases, we would use that bug's CVE ID (if available) within a
"NOTE:" sentence at the end of a new vulnerability's CVE description.

http://lists.xen.org/archives/html/xen-devel/2014-03/msg02707.html
says "by removing these checks we are introducing a way for a
malicious or buggy guest to trigger misbehaviour in the backend,
leading to e.g. a DoS" but we haven't tried to track down whether that
is directly applicable.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJTMIp6AAoJEKllVAevmvms3GwH/0Vkny8mbIwqAjuiyhWXYsCd
Ys5QRiKv3XmJ8ebt4Mk5FbKOH1tnBupoIJY84iPJmS3lFcwhI7Sm9IkgzWcVw73i
cO2D8mjfCBS53rpMi27k8dFgU0lE4zpWcuQsv3BtpijUSxLMLvNRpkyFTUdgmuYd
FqtaX7N6Us616RjrGnsOmCMLSoOR4/8OCY6ePVkAF9yOhDh7i5JnFhZ75bdDi6lL
6eT3B9rZ//yz4ht/sP2V0gizASNpPO5kd54lkePyrfYr23GwfXGFlPt4RAthrp5Z
a3soa6Iqo4QTmG5f0ko5buZOb9M5WF0amzPSeNN6jKn6CBBe8yu0Kbrd7LY6Rs0=
=WFEq
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ