Bug 220981 - sys-kernel/xen-sources ssm_i "FTP stress test" DoS (CVE-2008-1619)
Status: RESOLVED INVALID
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Kernel
Hardware: All Linux
Importance: High normal
Assignee: Gentoo Security
Reported: 2008-05-08 18:17 UTC by Robert Buchholz (RETIRED)
Modified: 2008-05-08 19:25 UTC

Attachments
linux-2.6-xen-ia64-fix-ssm_i-emulation-barrier-and-vdso-pv.patch (12.03 KB, patch)
2008-05-08 19:24 UTC, Robert Buchholz (RETIRED)

Description Robert Buchholz (RETIRED) gentoo-dev 2008-05-08 18:17:15 UTC
CVE-2008-1619 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1619):
  The ssm_i emulation in Xen 5.1 on IA64 architectures allows attackers to
  cause a denial of service (dom0 panic) via certain traffic, as demonstrated
  using an FTP stress test tool.
Comment 1 Micheal Marineau (RETIRED) gentoo-dev 2008-05-08 18:41:16 UTC
(In reply to comment #0)
> CVE-2008-1619 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1619):
>   The ssm_i emulation in Xen 5.1 on IA64 architectures allows attackers to
>   cause a denial of service (dom0 panic) via certain traffic, as demonstrated
>   using an FTP stress test tool.
> 

Xen 5.1? There is no such thing; is it referring to the enterprise version? Also, we haven't keyworded or even tested Xen on IA64, so Gentoo is unaffected.
Comment 2 Robert Buchholz (RETIRED) gentoo-dev 2008-05-08 19:14:27 UTC
The bug was reported to Red Hat: https://bugzilla.redhat.com/show_bug.cgi?id=437770
Unfortunately, all information has been removed from the bug.

The version is probably a mix-up because it was reported in version 5.1 of Red Hat. I don't know if it is IA64-specific.
Comment 3 Robert Buchholz (RETIRED) gentoo-dev 2008-05-08 19:24:17 UTC
Created attachment 152505
linux-2.6-xen-ia64-fix-ssm_i-emulation-barrier-and-vdso-pv.patch

Extracted from kernel-2.6.18-53.1.19.el5.src.rpm
Comment 4 Robert Buchholz (RETIRED) gentoo-dev 2008-05-08 19:25:16 UTC
From the patch I could confirm this is specific to the IA64 tree. Closing as INVALID because it does not affect Gentoo, as Michael pointed out.