First Last Prev Next    No search results available      Search page      Enter new bug
Bug#: 198995
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Robert Buchholz <rbu@gentoo.org>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 198995 depends on: Show dependency tree
Show dependency graph
Bug 198995 blocks:

Additional Comments: (this is where you put emerge --info)







View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2007-11-12 23:39 0000 
CVE-2007-5907 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5907):
  Xen 3.1.1 does not prevent modification of the CR4 TSC from applications,
  which allows pv guests to cause a denial of service (crash).

------- Comment #1 From Robert Buchholz 2007-11-12 23:39:57 0000 ------- 
xen, please advise :-)

------- Comment #2 From Robert Buchholz 2007-11-12 23:41:01 0000 ------- 
CVE-2007-5906 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5906):
  Xen 3.1.1 allows virtual guest system users to cause a denial of service
  (hypervisor crash) by using a debug register (DR7) to set certain
breakpoints.

------- Comment #3 From Micheal Marineau 2007-11-16 23:52:23 0000 ------- 
Xen 3.1.2 has been released and include the debug register fix, I will have it
in the portage tree soon. As for the TSC issue, the patch "x86: allow pv guests
to disable TSC for applications" was only committed to the unstable branch
(will be xen 3.2) and not included in 3.1.2. I'm not sure why. The provided
patch does not apply to the 3.1.2 branch either.

------- Comment #4 From Pierre-Yves Rofes 2007-12-09 00:01:39 0000 ------- 
xen-3.1.2 now in portage, but still waiting for 3.2 series to fix the other
issue.

------- Comment #5 From Robert Buchholz 2008-01-10 13:52:44 0000 ------- 
*** Bug 205206 has been marked as a duplicate of this bug. ***

------- Comment #6 From Pierre-Yves Rofes 2008-05-07 22:08:09 0000 ------- 
(In reply to comment #4)
> xen-3.1.2 now in portage, but still waiting for 3.2 series to fix the other
> issue.
> 

xen herd: 3.2 is now in portage, does it include the fix?

------- Comment #7 From Micheal Marineau 2008-05-07 22:57:57 0000 ------- 
(In reply to comment #6)
> (In reply to comment #4)
> > xen-3.1.2 now in portage, but still waiting for 3.2 series to fix the other
> > issue.
> > 
> 
> xen herd: 3.2 is now in portage, does it include the fix?
> 

Oops, forgot to comment on this. Yes it includes the fix.

------- Comment #8 From Robert Buchholz 2008-05-08 07:53:05 0000 ------- 
Thanks, closing then.
First Last Prev Next    No search results available      Search page      Enter new bug