From ${URL}: ISSUE DESCRIPTION ================= The privilege check applied to hypercall attempts by a HVM guest only refused access from ring 3; rings 1 and 2 were allowed through. IMPACT ====== Code running in the intermediate privilege rings of HVM guest OSes may be able to elevate its privileges inside the guest by careful hypercall use. Patch available at http://xenbits.xen.org/xsa/advisory-76.html
CVE-2013-4554 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4554): Xen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), and 4.3.x (possibly 4.3.1) does not properly prevent access to hypercalls, which allows local guest users to gain privileges via a crafted application running in ring 1 or 2.
*xen-4.3.1-r3 (06 Jan 2014) *xen-4.3.0-r6 (06 Jan 2014) 06 Jan 2014; Ian Delaney <idella4@gentoo.org> +files/xen-4.3-CVE-2013-4553-XSA-74.patch, +files/xen-CVE-2013-4554-XSA-76.patch, +files/xen-CVE-2013-6400-XSA-80.patch, +xen-4.3.0-r6.ebuild, +xen-4.3.1-r3.ebuild: add new sec patches, revbumps, patches prepared by dlan
Maintainers please advise when you are ready for stabilization.
(In reply to Yury German from comment #3) > Maintainers please advise when you are ready for stabilization. well we're content for stable any time. Told we need await the 30 days from *xen-4.3.1-r4 (24 Jan 2014) arches please do so any time from when 30 days expires
Fixed as part of Bug 500530. Adding to existing GLSA.
This issue was resolved and addressed in GLSA 201407-03 at http://security.gentoo.org/glsa/glsa-201407-03.xml by GLSA coordinator Mikle Kolyada (Zlogene).
