
Re: [Xen-devel] [oss-security] Re: Xen Security Advisory 82 (CVE-2013-6885) - Guest triggerable AMD CPU erratum may cause host hang



On 02/12/2013 22:43, Matthew Daley wrote:
> On Tue, Dec 3, 2013 at 7:16 AM, Kurt Seifried <kseifried@xxxxxxxxxx> wrote:
>> On 12/02/2013 10:22 AM, Ian Jackson wrote:
>>> * Should the Xen Project security team have treated this issue
>>> with an embargo at all, given that the flaw itself was public ?
>> I would say this depends on the level of public disclosure. For
>> example from "upstream" (AMD) there was a very limited disclosure (no
>> public announcement I'm aware of) and just some notes in a single PDF.
>> However this was also made public via the person who found it and then
>> picked up by ZDnet in an article, so I would personally count that as
>> quite public.
> Can you post a link to this ZDnet article? I don't think it can be the
> one linked in the CVE description itself, because that talks about a
> different, earlier bug IIUC; I privately asked Matt Dillon, who
> discovered Errata 721, and he agreed that this CVE talks about a
> different (but maybe related) Errata, #793.
>
> - Matthew

The email (ID 201311280223.rAS2NbPL019021@xxxxxxxxxxxxxxx) has the
following links

http://lists.dragonflybsd.org/pipermail/kernel/2011-December/046594.html

http://www.zdnet.com/blog/hardware/amd-owns-up-to-cpu-bug/18924

And identifies them as related to CVE-2013-6885

Unless DragonflyBSD is giving Write Combining memory to its regular
userspace processes (which would frankly be crazy and cause abysmal
performance - uncacheable reads have a habit of slowing things down
somewhat), I can't see any similarity between the CVE and the problem
described by Matt Dillon in the links.

The zdnet article quotes a statement from AMD of:

Also, this marginal erratum impacts the previous four generations of AMD
Opteron processors which include the AMD Opteron 2300, 8300
("Barcelona" and "Shanghai",) 2400, 8400 ("Istanbul",) and 4100,
6100 ("Lisbon" and "Magny-Cours") series processors.


None of these generations are the "Jaguar Architecture" Family 16h
identified in the erratum description from #793. Furthermore, Matt
Dillon appears to be under the impression that he found erratum #721.

It therefore appears that the original MITRE email was incorrect in
identifying the two links (referring to #721, and nearly 2 years old
judging by http://article.gmane.org/gmane.os.dragonfly-bsd.kernel/14518)
as related to #793 (whose errata document's initial release was June of
this year).

Can anyone from AMD formally confirm or deny a link between errata #721
and #793 ?

~Andrew

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 

