Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 454314 - <app-emulation/xen-4.2.0-r1, <app-emulation/xen-tools-4.2.0-r3, <app-emulation/xen-pvgrub-4.2.0-r1: Multiple vulnerabilities (CVE-2012-{5634,6075},CVE-2013-{0151,0152,0154})
Summary: <app-emulation/xen-4.2.0-r1, <app-emulation/xen-tools-4.2.0-r3, <app-emulatio...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B3 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2013-01-27 13:55 UTC by Sean Amoss (RETIRED)
Modified: 2013-09-30 00:29 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Sean Amoss (RETIRED) gentoo-dev Security 2013-01-27 13:55:39 UTC
This bug is for the following CVE's/XSA's:

CVE-2012-5634	XSA-33
CVE-2013-0151	XSA-34
CVE-2013-0152	XSA-35
CVE-2013-0154	XSA-37
CVE-2012-6075	XSA-41
Comment 1 Ian Delaney (RETIRED) gentoo-dev 2013-01-30 14:36:15 UTC
ok let's make this the collection point or tracker for the related sec bugs.

XSA- Nos. 20, 22, 23, 24, 26, 27, 29-35, 37 & 40 all pertain to xen package.
XSA- Nos. 25 & 41                                    pertain to xen-tools.
XSA- No. 25
Comment 2 Ian Delaney (RETIRED) gentoo-dev 2013-01-30 14:42:46 UTC
(accidental save)

XSA- No. 25 pertains to xen-pvgrub-4.2.0-r1.                               

xen-4.2.0-r1 xen-tools-4.2.0-r3 xen-pvgrub-4.2.0-r1

ready & good to go for stable
Comment 3 Ian Delaney (RETIRED) gentoo-dev 2013-01-31 18:04:56 UTC
Arch teams please test xen-4.2.0-r1, xen-tools-4.2.0-r3, xen-pvgrub-4.2.0-r1.
Comment 4 Agostino Sarubbo gentoo-dev 2013-02-02 21:59:04 UTC
amd64 stable
Comment 5 Agostino Sarubbo gentoo-dev 2013-02-02 22:02:07 UTC
x86 stable
Comment 6 GLSAMaker/CVETool Bot gentoo-dev 2013-03-04 23:05:06 UTC
CVE-2013-0152 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0152):
  Memory leak in Xen 4.2 and unstable allows local HVM guests to cause a
  denial of service (host memory consumption) by performing nested
  virtualization in a way that triggers errors that are not properly handled.

CVE-2012-6075 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6075):
  Buffer overflow in the e1000_receive function in the e1000 device driver
  (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE
  flags are disabled, allows remote attackers to cause a denial of service
  (guest OS crash) and possibly execute arbitrary guest code via a large
  packet.

CVE-2012-5634 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5634):
  Xen 4.2.x, 4.1.x, and 4.0, when using Intel VT-d for PCI passthrough, does
  not properly configure VT-d when supporting a device that is behind a legacy
  PCI Bridge, which allows local guests to cause a denial of service to other
  guests by injecting an interrupt.
Comment 7 Tobias Heinlein (RETIRED) gentoo-dev 2013-03-24 19:48:02 UTC
Added to existing GLSA request.
Comment 8 GLSAMaker/CVETool Bot gentoo-dev 2013-04-19 12:39:11 UTC
CVE-2013-0151 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0151):
  The do_hvm_op function in xen/arch/x86/hvm/hvm.c in Xen 4.2.x on the x86_32
  platform does not prevent HVM_PARAM_NESTEDHVM (aka nested virtualization)
  operations, which allows guest OS users to cause a denial of service
  (long-duration page mappings and host OS crash) by leveraging administrative
  access to an HVM guest in a domain with a large number of VCPUs.
Comment 9 GLSAMaker/CVETool Bot gentoo-dev 2013-09-30 00:29:05 UTC
This issue was resolved and addressed in
 GLSA 201309-24 at http://security.gentoo.org/glsa/glsa-201309-24.xml
by GLSA coordinator Chris Reffett (creffett).