[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] Xen Security Advisory 22 (CVE-2012-4537) - Memory mapping failure DoS vulnerability



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

                 Xen Security Advisory CVE-2012-4537 / XSA-22
                              version 4

                  Memory mapping failure DoS vulnerability

UPDATES IN VERSION 4
====================

Public release.

ISSUE DESCRIPTION
=================

When set_p2m_entry fails, Xen's internal data structures (the p2m and
m2p tables) can get out of sync.  This failure can be triggered by
unusual guest behaviour exhausting the memory reserved for the p2m
table.  If it happens, subsequent guest-invoked memory operations can
cause Xen to fail an assertion and crash.

IMPACT
======

A malicious guest administrator might be able to cause Xen to crash.

VULNERABLE SYSTEMS
==================

All versions of Xen since at least 3.4 are vulnerable.

The vulnerability is only exposed to HVM guests.

MITIGATION
==========

There is no mitigation available other than to use a trusted guest
kernel.

RESOLUTION
==========

The attached patch resolves this issue.

Applying the appropriate attached patch resolves this issue.

xsa22-4.2-unstable.patch    Xen 4.2.x, xen-unstable
xsa22-4.1.patch             Xen 4.1.x
xsa22-4.0.patch             Xen 4.0.x
xsa22-3.4.patch             Xen 3.4.x

$ sha256sum xsa22*.patch
fe21558f098340451a275c468a7b2209915676f4f41ec394970c6aa0df3d93d3  
xsa22-3.4.patch
b7e635ae07f31ac8ecb8732152ba66897ea6d0f5e30468e35d7c37379c7369bb  
xsa22-4.0.patch
e699e7af6b90e60531d98f04197141c4caf5eb4cdb312a43e736830eb17d32e1  
xsa22-4.1.patch
8dbf850b903179807257febe12a15cb131968e65d2e90dbd3a5f72b83d2f931a  
xsa22-4.2-unstable.patch
$
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAEBAgAGBQJQokGpAAoJEIP+FMlX6CvZUsEIAIL7FtUpAgYTG73BXIpIoJ1h
L85yaAhizzuwWAHMwLBD/oMs+OPzIXsCp4rBHI8XPQ0rf3YeHSj8uI+ta17Th1Gb
KuFFlDPujh5EiE0yel8u21hgsJ7rUpA04jPeYDbVbHPVC6bywf7pkChCEPos/Ze9
gAlRVptdBXH2nGmSyMFDfoby60lDXa7ZP0KoJUyuUG69zDMzlANLiEvk/+mN4YKB
W4uiaYlCeDfrCn4T8Pk9rTMdDWmCsbQpZQRqwwNXdUa/EX0Ccv/QdcppPHoylYeK
DQ9GPZOtDsm4s1M/J1oPVXZI7X/vLuBwje4/hhisFFiO4kLffcKCSopSizgLlO0=
=82B5
-----END PGP SIGNATURE-----

Attachment: xsa22-3.4.patch
Description: Binary data

Attachment: xsa22-4.0.patch
Description: Binary data

Attachment: xsa22-4.1.patch
Description: Binary data

Attachment: xsa22-4.2-unstable.patch
Description: Binary data

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.