[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Xen Security Advisory 7 (CVE-2012-0217) - PV privilege escalation

To: xen-devel@xxxxxxxxxxxxx
From: Andy Smith <andy@xxxxxxxxxxxxxx>
Date: Tue, 12 Jun 2012 12:15:10 +0000
Delivery-date: Tue, 12 Jun 2012 12:15:30 +0000
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=bitfolk.com; s=alpha; h=Subject:In-Reply-To:Content-Type:MIME-Version:References:Message-ID:To:From:Date; bh=nYnflzHkPODYJ/cvFDyyBY9TeAY4059B+hPwdaY9K7k=; b=hhaoWDfgOtftvAUK5fVUXm8REykHRhxGZX4qkBGcqXMEe2NzhVhj7YmWyZjmKec2NThBjwrTe5ksSRIRCaFB/1Z0aA2p77kENoCieCaHhAZ+qLw5P9Z3DoFVt6jewqI8;
List-id: Xen developer discussion <xen-devel.lists.xen.org>
Openpgp: id=BF15490B; url=http://strugglers.net/~andy/pubkey.asc

Hello,

A quick question with regard to XSA-7:

On Tue, Jun 12, 2012 at 01:02:32PM +0100, Xen.org security team wrote:
> MITIGATION
> ==========
> 
> This issue can be mitigated by running HVM (fully-virtualised)
> or 32 bit PV guests only.

Assuming 64-bit hypervisor and dom0, with PV guests booted using
pygrub, is there any way to restrict guests to 32-bit only?

Cheers,
Andy

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] Xen Security Advisory 7 (CVE-2012-0217) - PV privilege escalation
  - From: Ian Campbell

References:
- [Xen-devel] Xen Security Advisory 7 (CVE-2012-0217) - PV privilege escalation
  - From: Xen . org security team

Prev by Date: [Xen-devel] Security vulnerability process - lessons learned discussion
Next by Date: [Xen-devel] [GIT PULL] (xen) stable/for-jens-3.5 for 3.5-rc2..
Previous by thread: [Xen-devel] Xen Security Advisory 7 (CVE-2012-0217) - PV privilege escalation
Next by thread: Re: [Xen-devel] Xen Security Advisory 7 (CVE-2012-0217) - PV privilege escalation
Index(es):
- Date
- Thread