Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 566798 - app-emulation/xen: virtual PMU is unsupported and vulnerable if enabled (XSA-163)
Summary: app-emulation/xen: virtual PMU is unsupported and vulnerable if enabled (XSA-...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: http://www.openwall.com/lists/oss-sec...
Whiteboard: B1 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2015-11-25 11:11 UTC by Agostino Sarubbo
Modified: 2016-04-05 07:01 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2015-11-25 11:11:23 UTC 
From ${URL} :

                    Xen Security Advisory XSA-163

                      virtual PMU is unsupported

ISSUE DESCRIPTION
=================

The Virtual Performance Measurement Unit feature has been documented
as unsupported, so far only on Intel CPUs.  Further issues have been
found or are suspected which would also (or exclusively) affect AMD
CPUs.  We believe that the functionality is mostly intended for
non-production use anyway.  Therefore this functionality is hereby
documented as generally unsupported security-wise.

IMPACT
======

Use of the feature may have unknown effects, ranging from information
leaks through Denial of Service to privilege escalation.

VULNERABLE SYSTEMS
==================

Only systems which enable the VPMU feature are affected.  That is,
only systems with a `vpmu' setting on the hypervisor command line.

Xen versions from 3.3 onwards are affected.

Only x86 systems are affected.  ARM systems do not currently implement
vPMU and are therefore currently unaffected; should this functionality
be added to ARM in the future it would be covered by this exclusion.

In Xen versions prior to 4.6 only HVM guests can take advantage of
this unsupported functionality.  In Xen versions from 4.6 onwards all
guest kinds can use this unsupported functionality.

MITIGATION
==========

Not enabling vPMU support (by omitting the "vpmu" hypervisor command
line option) will avoid using and exposing the unsupported
functionality.
Comment 1 Doug Goldstein (RETIRED) gentoo-dev 2015-12-06 05:45:08 UTC 
Not sure what the requested action is. Basically if the user configures their system to enable a feature that is unsupported they will expose themselves to a security issue. There's no patch here.
Comment 2 Yury German Gentoo Infrastructure gentoo-dev 2015-12-07 23:02:20 UTC 
There are patches for this. http://xenbits.xen.org/xsa/advisory-163.html
Comment 3 Yury German Gentoo Infrastructure gentoo-dev 2015-12-07 23:57:29 UTC 
Actually I stand corrected - it does not have a patch:
"Applying the attached patch documents the situation.  The patch does
not fix any security issues."
Comment 4 Aaron Bauman (RETIRED) gentoo-dev 2016-03-12 11:10:55 UTC 
I do not see the patch in the tree.

@maintainer, how do you want to handle this?
Comment 5 GLSAMaker/CVETool Bot gentoo-dev 2016-04-05 07:01:30 UTC 
This issue was resolved and addressed in
 GLSA 201604-03 at https://security.gentoo.org/glsa/201604-03
by GLSA coordinator Yury German (BlueKnight).