Comment 1 Micheal Marineau (RETIRED) 2008-05-08 18:41:16 UTC

(In reply to comment #0)
> CVE-2008-1619 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1619):
>   The ssm_i emulation in Xen 5.1 on IA64 architectures allows attackers to
>   cause a denial of service (dom0 panic) via certain traffic, as demonstrated
>   using an FTP stress test tool.
> 

Xen 5.1? There is no such thing, is it referring to the enterprise version? Also we haven't keyworded or even tested Xen on IA64 so Gentoo is unaffected.

Comment 2 Robert Buchholz (RETIRED) 2008-05-08 19:14:27 UTC

The bug was reported to Redhat: https://bugzilla.redhat.com/show_bug.cgi?id=437770
Unfortunately, all information has been removed from the bug.

The version is probably a mix-up because it was reported in version 5.1 of RedHat. I don't know if it is ia64 specific. 

Comment 3 Robert Buchholz (RETIRED) 2008-05-08 19:24:17 UTC

Created attachment 152505 [details, diff]
linux-2.6-xen-ia64-fix-ssm_i-emulation-barrier-and-vdso-pv.patch

Extracted from kernel-2.6.18-53.1.19.el5.src.rpm

Comment 4 Robert Buchholz (RETIRED) 2008-05-08 19:25:16 UTC

From the patch I could confirm this is specific to the IA64 tree. Closing as INVALID because it does not affect Gentoo, as Michael pointed out.