Summary: | <app-emulation/xen-{4.2.5-r8,4.4.2-r1,4.5.0-r5}: multiple vulnerabilities (CVE-2015-{2751,2752,2756}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | k_f, xen |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B3 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2015-03-31 12:45:23 UTC
*** Bug 543654 has been marked as a duplicate of this bug. *** fixed in following versions: app-emulation/xen-4.5.0-r5 app-emulation/xen-4.4.2-r1 app-emulation/xen-4.2.5-r8 app-emulation/xen-tools-4.5.0-r3 app-emulation/xen-tools-4.4.2-r1 app-emulation/xen-tools-4.2.5-r4 Arches, please test and mark stable: =app-emulation/xen-4.2.5-r8 =app-emulation/xen-tools-4.2.5-r4 Target keywords Both : "amd64 x86" =app-emulation/xen-4.4.2-r1 =app-emulation/xen-tools-4.4.2-r1 =app-emulation/xen-pvgrub-4.4.2 Target keywords Only: "amd64" why on earth did you duplicate this bug already made days 'ago' with comments re its progress? I support dlan's decision to bump with the patches we have that DO take and work. version 4.3 has a troublesome 1, xsa126-qemuu-4.3.patch that is the source of the holdup in that version amd64 stable x86 stable. Maintainer(s), please cleanup. Security, please vote. Cancel ref to version 4.3 which had been dropped. 03 Apr 2015; Yixun Lan <dlan@gentoo.org> -xen-4.2.5-r6.ebuild, -xen-4.2.5-r7.ebuild, -xen-4.4.2.ebuild, -xen-4.5.0-r4.ebuild: drop old after new stabilization 03 Apr 2015; Yixun Lan <dlan@gentoo.org> -xen-tools-4.2.5-r3.ebuild, -xen-tools-4.4.2.ebuild, -xen-tools-4.5.0-r2.ebuild: drop old after new stabilization CVE-2015-2756 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2756): QEMU, as used in Xen 3.3.x through 4.5.x, does not properly restrict access to PCI command registers, which might allow local HVM guest users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response. CVE-2015-2752 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2752): The XEN_DOMCTL_memory_mapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptable, which allows local x86 HVM domain users to cause a denial of service (host CPU consumption) via a crafted request to the device model (qemu-dm). CVE-2015-2751 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2751): Xen 4.3.x, 4.4.x, and 4.5.x, when using toolstack disaggregation, allows remote domains with partial management control to cause a denial of service (host lock) via unspecified domctl operations. Arches and Maintainer(s), Thank you for your work. Added to an existing GLSA Request. This issue was resolved and addressed in GLSA 201504-04 at https://security.gentoo.org/glsa/201504-04 by GLSA coordinator Yury German (BlueKnight). |