Summary: | app-emulation/xen: virtual PMU is unsupported and vulnerable if enabled (XSA-163) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | xen |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.openwall.com/lists/oss-security/2015/11/24/9 | ||
Whiteboard: | B1 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2015-11-25 11:11:23 UTC
Not sure what the requested action is. Basically if the user configures their system to enable a feature that is unsupported they will expose themselves to a security issue. There's no patch here. There are patches for this. http://xenbits.xen.org/xsa/advisory-163.html Actually I stand corrected - it does not have a patch: "Applying the attached patch documents the situation. The patch does not fix any security issues." I do not see the patch in the tree. @maintainer, how do you want to handle this? This issue was resolved and addressed in GLSA 201604-03 at https://security.gentoo.org/glsa/201604-03 by GLSA coordinator Yury German (BlueKnight). |