Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 25 Mar 2014 12:01:10 -0400 (EDT)
From: cve-assign@...re.org
To: security@....org
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: Xen Security Advisory 89 - HVMOP_set_mem_access is not preemptible

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> Processing of the HVMOP_set_mem_access HVM control operations does not
> check the size of its input and can tie up a physical CPU for extended
> periods of time.

Use CVE-2014-2599.

> In 4.2 only 64-bit versions of the hypervisor are vulnerable
> (HVMOP_set_mem_access is not available in 32-bit hypervisors).

Typically we would not assign separate CVE IDs on the basis that
64-bit environments have different affected versions than 32-bit
environments (unless there were a separate product such as "Xen64" for
the former case).

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJTMadRAAoJEKllVAevmvmsMPAH/jv5L/0rB8xH8GTjtTlYmLqU
0YLmogJRjgWWC4PIvyJKdps/ulAvnML2GLlx1SifCtDPBvaYDfWTpSboZ00RDMBK
zkbiZId6nAoB+1UGMBlSvsLFLn4dq6zlH7GetC3pSzgkaFUxIChUdxmgAuF8q2gi
cZugePte51ydXVksbBl6dEoNeunFi4oYXTWyo6EVsV+I5n5jUlTYus2CyFGkOD6n
9TrEoIwNvoEsVGLL2JkPKxzgOnrF1jvci1qPpgbeKFBOc4fNqPbvOYm0NcWj1B0I
bPFKrsJ5zvq07d8UMQpMCQMxYnbjRx9C64kbo1snnAqGkr4VCQeOXk5Tpdrl5Oc=
=BfxD
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.