| Summary: | app-emulation/xen: Vulnerabilities in HVM MSI injection (XSA-96) (CVE-2014-{3967,3968}) | | |
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | | |
| Severity: | minor | CC: | xen |
| Priority: | Normal | | |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | Linux | | |
| URL: | http://www.openwall.com/lists/oss-security/2014/06/03/9 | | |
| Whiteboard: | B3 [glsa] | | |
| Package list: | | Runtime testing required: | --- |
| Bug Depends on: | | | |
| Bug Blocks: | 482138 | | |

Description
Agostino Sarubbo
2014-06-03 14:22:34 UTC
fixed as part of bug 512572

Setting this bug as Primary not 512572 since that one is ARM only and does not need to be stabilized. Please advise when ready for stabilization.

CVE-2014-3968 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3968): The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x allows local guest HVM administrators to cause a denial of service (host crash) via a large number of crafted requests, which trigger an error messages to be logged.

CVE-2014-3967 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3967): The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x does not properly check the return value from the IRQ setup check, which allows local HVM guest administrators to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors.

Maintainer(s), Thank you for cleanup.

Added to an existing GLSA Request.

This issue was resolved and addressed in GLSA 201504-04 at https://security.gentoo.org/glsa/201504-04 by GLSA coordinator Yury German (BlueKnight).