Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 27 Jul 2012 02:10:04 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: "Xen.org security team" <security@....org>,
        xen-announce@...ts.xensource.com, xen-devel@...ts.xensource.com,
        xen-users@...ts.xensource.com
Subject: Re: Xen Security Advisory 10 - HVM guest user mode
 MMIO emulation DoS

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 07/26/2012 09:30 AM, Xen.org security team wrote:
> 
> Xen Security Advisory XSA-10
> 
> HVM guest user mode MMIO emulation DoS vulnerability
> 
> ISSUE DESCRIPTION =================
> 
> Internal data of the emulator for MMIO operations may, under 
> certain rare conditions, at the end of one emulation cycle be left 
> in a state affecting a subsequent emulation such that this second 
> emulation would fail, causing an exception to be reported to the 
> guest kernel where none is expected.
> 
> IMPACT ======
> 
> Guest mode unprivileged (user) code, which has been granted the
> privilege to access MMIO regions, may leverage that access to crash
> the whole guest.
> 
> VULNERABLE SYSTEMS ==================
> 
> All HVM guests exposing MMIO ranges to unprivileged (user) mode.
> 
> All versions of Xen which support HVM guests are vulnerable to this
> issue.
> 
> MITIGATION ==========
> 
> This issue can be mitigated by running PV (para-virtualised) guests
> only, or by ensuring (inside the guest) that MMIO regions can be
> accessed only by trustworthy processes.
> 
> RESOLUTION ==========
> 
> Applying the appropriate attached patch will resolve the issue.
> 
> NOTE REGARDING CVE ==================
> 
> We do not yet have a CVE Candidate number for this vulnerability.
> 
> PATCH INFORMATION =================
> 
> The attached patches resolve this issue
> 
> $ sha256sum xsa10-*.patch 
> f96b7849194901d7f663895f88c2ca4f4721559f1c1fe13bba515336437ab912
> xsa10-4.x.patch 
> fb9dead017dfea99ad3e8d928582e67160c76518b7fe207d9a3324811baf06dd
> xsa10-unstable.patch

Please use CVE-2012-3432 for this issue.


- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJQEkzcAAoJEBYNRVNeJnmTBi8QANKeCCOiniLKp5+1LvYXr3rE
uV9UijoVTBu6WNtB2L9NXRrenHBvGv38+tmVVg7pCqHkU9nrzhmg4zc8qZY8LJ/V
/ZnYuVoWZ/hG+KNi8/NQIiDAiDu4Ip9NnMSW9SdYPVEFSQN4JCQufYOxjCGNzOj1
QidDoyb7i63UAFXj4nvdFmJKVYSvegI+H46vGVkQabBdZ2LXuCHYCw54ZZ0nFqKj
LU3t/468DmBn1Gk2EUdufV/NWxWpD33pjwTkMFbYH/C5cSHUMx6UUkD48EWu0YAs
MxjigqXHKiXEPsoyfULppRTaxE969MsWDhrjrptymZjasmcXl+v/opmVYT9DJ1gF
pAHU0o862p1gcdhBuk/n2DB8HFSk5MJbytDz0KzxgEDrqhFO4AIeAVq6//wXPnym
nxNTY/6MQazc+S+coiNvBAtr1sT6CWgHsd0DLLQh/PQZ1DVDKRfufd9LfI7PdPFH
gjHp81MArk39vFM5vT01Ac0aG4pj8kTwpTHwt84VL05hj6R/GcB56/526fmmgnan
6KlwufXZkZjP6lteIeidK9NVOhRId5VEL0EguQAc5z8cavl6oD1P+AaECZct+h5r
jMHxeQSf0ggQL6zRGBOU6Dlt2+Cg4FjRpWO8iGe0PlZb+XTFUsPk8/OWEKHa2Rlp
tXhMnEfhzvKZLMg53D+S
=qRMf
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.