[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Xen Security Advisory 457 v2 - Linux/xen-netfront: Memory leak due to missing cleanup function
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Xen Security Advisory XSA-457 version 2 Linux/xen-netfront: Memory leak due to missing cleanup function UPDATES IN VERSION 2 ==================== * Clarify the XSA is in netfront and *not* netback * Clarify the impact: only the guest may crash ISSUE DESCRIPTION ================= In netfront, xennet_alloc_one_rx_buffer() failed to call the appropriate clean-up function, resulting in a memory leak. IMPACT ====== A malicious guest userspace process can exhaust memory resources within the guest kernel, potentially leading to a guest crash (Denial of Service). It is not known whether it can be triggered remotely. VULNERABLE SYSTEMS ================== Systems with guests running Linux 5.9 and later with Xen PV network devices are affected. MITIGATION ========== For HVM guests, using emulated network devices will avoid this issue. RESOLUTION ========== The following patch in Linux resolves the issue: https://git.kernel.org/torvalds/c/037965402a010898d34f4e35327d22c0a95cd51f A copy of which is attached. xsa457.patch Linux 5.9 $ sha256sum xsa457* 9d6ae3da27f1ff92f9f45c800822beecda603d6dea6726207cee6c768416114c xsa457.patch $ NOTE ON THE LACK OF EMBARGO =========================== The issue was reported initially on a public bug tracker and fixed in public before it was realized that there was a security aspect. -----BEGIN PGP SIGNATURE----- iQFABAEBCAAqFiEEI+MiLBRfRHX6gGCng/4UyVfoK9kFAmY7W/gMHHBncEB4ZW4u b3JnAAoJEIP+FMlX6CvZnPQIAIPhOEXsSKutZJF776KKDmoNDmZ00SikkfZ9tZW8 LyiNNJ7l7tDN3A5EVJn4l8Xos+PFaadNIXdaLKemRt17nP4Qw+UzjvBTiTbou+m7 OGUGsRMCNkfpv8OEi/U91o3W3uEE/tL7ahws/wAnOzEfcbTFl5alTDfuDfrtOaiA 1Uz37QO0GNQSD+n91SyosqAljfbAvWNQMLJ+Iz9YB6BonVwsWWNeHjF1N9zDWv3k pD+DVOa60FYIA3xxeJveZO3ZLA6oBo5wyKiQ8p3bun9X9W5+i6PrzWewnsWCvya+ Yyi0xTZ2YBzo+eNFpQ9OKqjDVoSREx9l9Ef0YvSStR0/aBw= =/9cg -----END PGP SIGNATURE----- Attachment:
xsa457.patch
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |