|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-users] PV privilege escalation - advisory
Is there some scenario how to test that our config is affected? In this article: http://blog.xen.org/index.php/2012/06/13/the-intel-sysret-privilege-escalation/#more-4865 is being mentioned about linux 2.6.16.5 is affected. Does this means that guest 2.6.18+ would be not able to abuse? Peter 2012/6/14 Peter Braun <xenware@xxxxxxxxx>: > We are in the worst case: > > - intel cpu > - domU not under control > > We will have to go own package way. > > Thanks > > Peter > > > > 2012/6/14 Fajar A. Nugraha <list@xxxxxxxxx>: >> On Thu, Jun 14, 2012 at 1:35 PM, Peter Braun <xenware@xxxxxxxxx> wrote: >>> Hello, >>> >>> we are using 3.4.3 from Gitco.de on 64bit Centos 5.8 and we have PV >>> guests 64bit. >>> >>> According to described security bug we are in danger. >>> >>> >>> What do you suggest? Wait for gitco update or build xen own with patch? >> >> It depends :) >> >> If you use newer AMD processor, it shouldn't matter. >> If you control all of your domU, you could probably wait, as it >> requires root privilege on domU to trigger the bug. >> However if you run (e.g.) a VPS-hosting where other people have >> control of the domU, you should build your own upgraded package >> immediately. >> >> FWIW, this is one of the example on how using vendor-provided packages >> would be useful. Redhat already released updated that address that >> vulnerability: >> https://access.redhat.com/security/cve/CVE-2012-0217 >> https://rhn.redhat.com/errata/RHSA-2012-0721.html >> >> -- >> Fajar _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxx http://lists.xen.org/xen-users
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |