[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-announce] Xen Security Advisory 118 - arm: vgic: incorrect rate limiting of guest triggered logging



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

                    Xen Security Advisory XSA-118

    arm: vgic: incorrect rate limiting of guest triggered logging

ISSUE DESCRIPTION
=================

On ARM systems the code which deals with virtualising the GIC
distributor would, under various circumstances, log messages on a
guest accessible code path without appropriate rate limiting.

IMPACT
======

A malicious guest could cause repeated logging to the hypervisor
console, leading to a Denial of Service attack.

VULNERABLE SYSTEMS
==================

Xen 4.4 and later systems running on ARM hardware are vulnerable.

x86 systems are not affected.

MITIGATION
==========

The problematic log messages are issued with priority Warning.

Therefore they can be rate limited by adding "loglvl=error/warning" to the
hypervisor command line or suppressed entirely by adding "loglvl=error".

NOTE REGARDING LACK OF EMBARGO
==============================

This bug was publicly reported on xen-devel, before it was appreciated
that there was a security problem.

CREDITS
=======

This issue was discovered by Julien Grall.

RESOLUTION
==========

Applying the appropriate attached patch(es) resolves this issue.

xsa118-unstable-4.5-{1,2}.patch       xen-unstable, Xen 4.5.x
xsa118-4.4.patch                      Xen 4.4.x

$ sha256sum xsa118*.patch
5741cfe408273bd80e1a03c21a5650f963d7103fd022c688730f55dcf5373433  
xsa118-4.4.patch
ee24a4c5e12b67d7539f08b644080c87797f31b4402215cd4efbbc6114bffc25  
xsa118-4.5-unstable-1.patch
bd532e3cd535fcdea51f43631a519012baff068cb62d2205fc25f2c823f031eb  
xsa118-4.5-unstable-2.patch
$
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJUyhXoAAoJEIP+FMlX6CvZIWsH/2cK4jijgzepEboZAyIl2E8f
wWMaF6Jr28YfQz8Zcpwi4GY9BecBjm2ZUuvuHS/yPGBIvriOiZXjMtlchd3FBhjw
CTvCasqFX6DYizduAPBcph/vY2LoiYn/i74+M55I6u5g8WL/o7p3Ea3UXKg8ZdgB
PdQnLJSi4iqbO6mfdgw3lb5gfVk/DUh0rW87CoOhdPNJrQWlw9zTpfjIvrGzIDXJ
jV5eW8mBhfTE8TfuJ2cFgMZgoob709EduJ8wgLqOPMAmn1HCC/MNNtEiZhliw2yD
WQePLlXXvwXxNhHP6Ge/698unV4zPDvlCxTYjBOsZWPC1ITVhMHZ1+j3z0mXO0U=
=2kMW
-----END PGP SIGNATURE-----

Attachment: xsa118-4.4.patch
Description: Binary data

Attachment: xsa118-4.5-unstable-1.patch
Description: Binary data

Attachment: xsa118-4.5-unstable-2.patch
Description: Binary data

_______________________________________________
Xen-announce mailing list
Xen-announce@xxxxxxxxxxxxx
http://lists.xen.org/xen-announce

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.