Date: Wed, 4 Jun 2014 17:05:01 +0100
From: Ian Jackson <Ian.Jackson@...citrix.com>
To: <cve-assign@...re.org>
CC: <security@....org>, <oss-security@...ts.openwall.com>
Subject: Re: Xen Security Advisory 98 - insufficient permissions checks accessing guest memory on ARM

cve-assign@...re.org writes ("Re: Xen Security Advisory 98 - insufficient permissions checks accessing guest memory on ARM"):
...
> > When accessing guest memory Xen does not correctly perform permissions
> > checks on the (possibly guest provided) virtual address ... This
> > allows a guest to write to memory which it should only be able to
> > read.
> 
> > In the event that a guest executes code from a page which has been
> > shared read-only with another guest it would be possible to mount a
> > take over attack on that guest.
> 
> Use CVE-2014-3969.

Thanks.  I have sent out updated versions of XSA-96 and -98.

> Our understanding is that "executes code from a page which has been
> shared read-only" depends on the permissions issue (lack of a check
> for execute permission), and is not an independent problem.

That is correct.

Thanks,
Ian.
