Summary: | <app-emulation/xen-{4.2.5-r3,4.3.3-r3,4.4.1-r4}: multiple vulnerabilties (CVE-2014-{8866,8867}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | xen |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B3 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2014-11-28 11:58:57 UTC
fixed in xen-4.2.5-r3, xen-4.3.3-r3, xen-4.4.1-r4, see bug 532030 CVE-2014-8867 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8867): The acceleration support for the "REP MOVS" instruction in Xen 4.4.x, 3.2.x, and earlier lacks properly bounds checking for memory mapped I/O (MMIO) emulated in the hypervisor, which allows local HVM guests to cause a denial of service (host crash) via unspecified vectors. CVE-2014-8866 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8866): The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service (host crash) via vectors involving altering the high halves of registers while in 64-bit mode. Maintainer(s), Thank you for you for cleanup. Added to an existing GLSA Request. This issue was resolved and addressed in GLSA 201504-04 at https://security.gentoo.org/glsa/201504-04 by GLSA coordinator Yury German (BlueKnight). |