Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 497086 (CVE-2013-4554)

Summary: <app-emulation/xen-{4.2.3-r1,4.3.1-r5}: Hypercalls exposed to privilege rings 1 and 2 of HVM guests (XSA-76) (CVE-2013-4554)
Product: Gentoo Security Reporter: Chris Reffett (RETIRED) <creffett>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Severity: major CC: idella4, xen
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
See Also:
Whiteboard: B1 [glsa]
Package list:
Runtime testing required: ---

Description Chris Reffett (RETIRED) gentoo-dev Security 2014-01-05 02:31:23 UTC
From ${URL}:


The privilege check applied to hypercall attempts by a HVM guest only refused
access from ring 3; rings 1 and 2 were allowed through.


Code running in the intermediate privilege rings of HVM guest OSes may be able
to elevate its privileges inside the guest by careful hypercall use.

Patch available at
Comment 1 GLSAMaker/CVETool Bot gentoo-dev 2014-01-05 02:32:59 UTC
CVE-2013-4554 (
  Xen 3.0.3 through 4.1.x (possibly, 4.2.x (possibly 4.2.3), and
  4.3.x (possibly 4.3.1) does not properly prevent access to hypercalls, which
  allows local guest users to gain privileges via a crafted application
  running in ring 1 or 2.
Comment 2 Ian Delaney (RETIRED) gentoo-dev 2014-01-17 02:43:57 UTC
*xen-4.3.1-r3 (06 Jan 2014)
*xen-4.3.0-r6 (06 Jan 2014)

  06 Jan 2014; Ian Delaney <>
  +files/xen-CVE-2013-4554-XSA-76.patch, +files/xen-CVE-2013-6400-XSA-80.patch,
  +xen-4.3.0-r6.ebuild, +xen-4.3.1-r3.ebuild:
  add new sec patches, revbumps, patches prepared by dlan
Comment 3 Yury German Gentoo Infrastructure gentoo-dev 2014-01-17 16:34:01 UTC
Maintainers please advise when you are ready for stabilization.
Comment 4 Ian Delaney (RETIRED) gentoo-dev 2014-02-07 02:29:43 UTC
(In reply to Yury German from comment #3)
> Maintainers please advise when you are ready for stabilization.

well we're content for stable any time.  Told we need await the 30 days from
*xen-4.3.1-r4 (24 Jan 2014)

arches please do so any time from when 30 days expires
Comment 5 Yury German Gentoo Infrastructure gentoo-dev 2014-05-21 03:26:03 UTC
Fixed as part of Bug 500530.

Adding to existing GLSA.
Comment 6 GLSAMaker/CVETool Bot gentoo-dev 2014-07-16 16:46:34 UTC
This issue was resolved and addressed in
 GLSA 201407-03 at
by GLSA coordinator Mikle Kolyada (Zlogene).