634670 – app-emulation/xen: lock mishandling creates denial of service on ARM guests

Bug 634670 - app-emulation/xen: lock mishandling creates denial of service on ARM guests

Summary: app-emulation/xen: lock mishandling creates denial of service on ARM guests

Status:	RESOLVED DUPLICATE of bug 629678

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	ARM Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo Security

URL:	https://xenbits.xen.org/xsa/advisory-...
Whiteboard:	~3 [ebuild cve]
Keywords:

Depends on:
Blocks:

Reported:	2017-10-18 17:46 UTC by Aleksandr Wagner (Kivak)
Modified:	2017-11-30 07:21 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Aleksandr Wagner (Kivak) 2017-10-18 17:46:43 UTC

CVE-2017-15596 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15596):

An issue was discovered in Xen 4.4.x through 4.9.x allowing ARM guest OS users to cause a denial of service (prevent physical CPU usage) because of lock mishandling upon detection of an add-to-physmap error. 

References:

https://xenbits.xen.org/xsa/advisory-235.html


Note: Only ARM is affected, the patch is located in the reference.

Comment 1 Yury German Gentoo Infrastructure

2017-11-30 07:17:09 UTC


*** This bug has been marked as a duplicate of bug 629678 ***