Summary: | <app-emulations/xen-{tools}-{4.2.4r2,4.3.2-r2},app-emulations/xen-pvgrub-{4.2.4,4.3.2): HVMOP_set_mem_type allows invalid P2M entries to be created (XSA-92) (CVE-2014-3124) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | xen |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.openwall.com/lists/oss-security/2014/04/29/1 | ||
Whiteboard: | B3 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2014-04-29 12:35:52 UTC
bug fixed in versions: xen-4.4.0-r2 xen-4.3.2-r2 xen-4.2.4-r2 xen-tools-4.4.0-r2 xen-tools-4.3.2-r2 xen-tools-4.2.4-r2 ChangeLog: +*xen-4.4.0-r2 (09 May 2014) +*xen-4.3.2-r2 (09 May 2014) +*xen-4.2.4-r2 (09 May 2014) + + 09 May 2014; Yixun Lan <dlan@gentoo.org> -xen-4.2.4.ebuild, + +xen-4.2.4-r2.ebuild, -xen-4.3.2.ebuild, +xen-4.3.2-r2.ebuild, + -xen-4.4.0.ebuild, -xen-4.4.0-r1.ebuild, +xen-4.4.0-r2.ebuild: + bump security patches, bug 508510, 508424, 509054, 509176 +*xen-tools-4.4.0-r2 (09 May 2014) +*xen-tools-4.3.2-r2 (09 May 2014) +*xen-tools-4.2.4-r2 (09 May 2014) + + 09 May 2014; Yixun Lan <dlan@gentoo.org> +xen-tools-4.2.4-r2.ebuild, + +xen-tools-4.3.2-r2.ebuild, +xen-tools-4.4.0-r2.ebuild, + +files/xen-tools-4-qemu-fix-po-collision.patch: + 1) bump security patches, bug 508510, 508424, 509054, 509176 2) fix file + collision with app-emulation/qemu, bug 508302 3) drop old Arches, please test and mark stable: =app-emulation/xen-4.2.4-r2 =app-emulation/xen-tools-4.2.4-r2 =app-emulation/xen-pvgrub-4.2.4 Target keywords Both : "amd64 x86" =app-emulation/xen-4.3.2-r2 =app-emulation/xen-tools-4.3.2-r2 =app-emulation/xen-pvgrub-4.3.2 Target keywords Only: "amd64" after stabilization, we'll start to clean old ebuilds, thanks. amd64 stable x86 stable. Maintainer(s), please cleanup. Security, please vote. tree cleaning was done, old versions were dropped, files in ${FILESDIR} were cleanup. And all security bugs should be addressed. Maintainer(s), Thank you for cleanup! Security please Vote! sorry, but it seems to me that too many xen security bugs are still marked as IN_PROGRESS status.. what do we still need to do? the vote? can we just get them closed? many thanks (In reply to Yixun Lan from comment #7) > sorry, but it seems to me that too many xen security bugs are still marked > as IN_PROGRESS status.. what do we still need to do? the vote? can we just > get them closed? > > many thanks We need to follow the policy outlines in http://www.gentoo.org/security/en/vulnerability-policy.xml. Once we release the GLSA we will close the bugs. Added to an existing GLSA request. This issue was resolved and addressed in GLSA 201407-03 at http://security.gentoo.org/glsa/glsa-201407-03.xml by GLSA coordinator Mikle Kolyada (Zlogene). CVE-2014-3124 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3124): The HVMOP_set_mem_type control in Xen 4.1 through 4.4.x allows local guest HVM administrators to cause a denial of service (hypervisor crash) or possibly execute arbitrary code by leveraging a separate qemu-dm vulnerability to trigger invalid page table translations for unspecified memory page types. |