Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 24 Sep 2014 02:04:26 -0400 (EDT)
From: cve-assign@...re.org
To: security@....org
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: Xen Security Advisory 105 - Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> Xen Security Advisory XSA-105
> 
> The emulation of the instructions HLT, LGDT, LIDT, and LMSW fails to
> perform supervisor mode permission checks.
> 
> Xen versions from at least 3.2.x onwards are vulnerable.

Use CVE-2014-7155.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJUIl3/AAoJEKllVAevmvmsLGoH/2hnJ2Gn+MqmDKeoaG5qsoLb
GE8IOEnUiDkB6ahlL+PwoWgiC5d/W554W31xId0eqZleoFnCtRHHULfy0rC7bbMd
MbYa47QOF+dImT8cRHads23oc7OlwBwPbaDhUr9Ez6g1a5hLt8CaE9K8g4xILx5u
oMsN/+tjFbPzbex2pgtL5ZJW7RXzUlT7UGCr8fBnw0O916OHZzhctAekrsYWjVqu
0KUMRiO/oAgb9Xyzlmkr+DDFcq5VEHegHqDQjNoVodW9dwylP7t9mGZbGO4t1myY
foklnZiKpYwYBSOQK92s1xWvWaiOCUcgPJTxF4F7ruSfIoKBxSNjivKZn7DlTBU=
=5UGs
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ