From ${URL} :

Xen Security Advisory XSA-118

arm: vgic: incorrect rate limiting of guest triggered logging

ISSUE DESCRIPTION
=================

On ARM systems the code which deals with virtualising the GIC distributor would, under various circumstances, log messages on a guest accessible code path without appropriate rate limiting.

IMPACT
======

A malicious guest could cause repeated logging to the hypervisor console, leading to a Denial of Service attack.

VULNERABLE SYSTEMS
==================

Xen 4.4 and later systems running on ARM hardware are vulnerable.

x86 systems are not affected.

MITIGATION
==========

The problematic log messages are issued with priority Warning. Therefore they can be rate limited by adding "loglvl=error/warning" to the hypervisor command line or suppressed entirely by adding "loglvl=error".

NOTE REGARDING LACK OF EMBARGO
==============================

This bug was publicly reported on xen-devel, before it was appreciated that there was a security problem.

CREDITS
=======

This issue was discovered by Julien Grall.

RESOLUTION
==========

Applying the appropriate attached patch(es) resolves this issue.

xsa118-unstable-4.5-{1,2}.patch    xen-unstable, Xen 4.5.x
xsa118-4.4.patch                   Xen 4.4.x

@maintainer(s): since the package or the affected version has never been marked as stable, we don't need to stabilize it. After the bump, please remove the affected versions from the tree.
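The MITIGATION section above relies on Xen's "loglvl=<level>[/<rate-limited level>]" option: messages at or above the first level are always printed, messages below it but at or above the second level are rate limited, and anything below both is dropped; when the second level is omitted it equals the first, and when the option is absent Xen defaults to "warning". The following script is an added example written for this page (it is not part of the XSA or of the Gentoo bug) that classifies, for a given hypervisor command line, whether the Warning-priority vGIC messages are printed unthrottled, rate limited, or suppressed. The function names, the numeric ranking of the level names, and the sample command lines are all constructed here; the level names (none, error, warning, info, debug, all) are the ones Xen documents.

```shell
#!/bin/sh
# Classify how a Xen command line treats Warning-priority hypervisor messages
# (the priority of the XSA-118 vGIC messages). Added example, not advisory code.

# Map a Xen loglvl name to a rank (higher = more verbose); -1 if unrecognised.
# Ranking is our own; the names are Xen's documented loglvl values.
loglvl_rank() {
    case "$1" in
        none)    printf '%s\n' 0 ;;
        error)   printf '%s\n' 1 ;;
        warning) printf '%s\n' 2 ;;
        info)    printf '%s\n' 3 ;;
        debug)   printf '%s\n' 4 ;;
        all)     printf '%s\n' 5 ;;
        *)       printf '%s\n' -1 ;;
    esac
}

# Usage: xsa118_warning_status "<xen command line>"
# Prints one of: unthrottled, rate-limited, suppressed, unknown
xsa118_warning_status() {
    cmdline="$1"
    spec=""
    # Scan the whole command line; a later loglvl= overrides an earlier one.
    for tok in $cmdline; do
        case "$tok" in
            loglvl=*) spec="${tok#loglvl=}" ;;
        esac
    done
    # Xen's documented default when loglvl is not given at all.
    [ -z "$spec" ] && spec="warning"

    lvl="${spec%%/*}"           # level printed unconditionally
    if [ "$spec" = "$lvl" ]; then
        rlvl="$lvl"             # no "/x" part: rate-limited level == level
    else
        rlvl="${spec#*/}"       # level printed with rate limiting
    fi

    lr=$(loglvl_rank "$lvl")
    rr=$(loglvl_rank "$rlvl")
    if [ "$lr" -lt 0 ] || [ "$rr" -lt 0 ]; then
        printf '%s\n' unknown
        return
    fi

    warn=$(loglvl_rank warning)
    if [ "$lr" -ge "$warn" ]; then
        printf '%s\n' unthrottled   # warnings are at/above the always-print level
    elif [ "$rr" -ge "$warn" ]; then
        printf '%s\n' rate-limited  # warnings fall in the rate-limited band
    else
        printf '%s\n' suppressed    # warnings are below both thresholds
    fi
}

# Constructed sample command lines (not taken from any real host).
for sample in \
    'placeholder dom0_mem=512M' \
    'placeholder dom0_mem=512M loglvl=error/warning' \
    'placeholder dom0_mem=512M loglvl=error' \
    'placeholder loglvl=all'
do
    printf '%-50s -> %s\n' "$sample" "$(xsa118_warning_status "$sample")"
done
```

On a live host the command line can be fed in from the toolstack, e.g. xsa118_warning_status "$(xl info | sed -n 's/^xen_commandline *: //p')". Note that "loglvl=error" also silences every other Warning-priority hypervisor message, so "loglvl=error/warning" is the less lossy of the two mitigations until the patched package is installed.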
CVE-2015-1563 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1563): The ARM GIC distributor virtualization in Xen 4.4.x and 4.5.x allows local guests to cause a denial of service by causing a large number of messages to be logged.
fixed in app-emulation/xen-4.4.1-r6, app-emulation/xen-4.5.0-r1 (no stablereq needed)
Maintainer(s), thank you for the bump and cleanup! No stable version. Closing noglsa.