Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 464546 (CVE-2013-0216, XSA-39) - Kernel: Xen Netback bug in VIFs - Guests can cause a DoS (loop) by triggering ring pointer corruption.
Summary: Kernel: Xen Netback bug in VIFs - Guests can cause a DoS (loop) by triggering...
Alias: CVE-2013-0216, XSA-39
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Kernel Security
Depends on: CVE-2014-6416
  Show dependency tree
Reported: 2013-04-04 09:32 UTC by Luca Lesinigo
Modified: 2019-03-11 03:42 UTC (History)
5 users (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Luca Lesinigo 2013-04-04 09:32:55 UTC
Kernel commit 0366100 [1] modified xen-netback and introduced a regression where the Domain-0 will sometimes completely cut network traffic to the vif interface of a DomU. As an example, we got one or two lockups every day to some Ubuntu-10.04 DomUs, while Gentoo DomU running recent kernels never locked up, and some Windows DomU running GPL-PV network drivers never locked too: this started after upgrading our Domain-0 systems from gentoo-sources-3.7.4 to gentoo-sources-3.7.10.

That commit addresses CVE-2013-0216 [2] and XSA-39 [3] and is present in all linux versions >= 3.7.8. As far as I can tell the same behavior is present up to and including the current 3.8.5 kernel, so current users of the 3.7.x branch have no means of upgrading to a "stable" release.

Since this is causing complete network failure for some Xen guests I'd ask the current gentoo-sources-3.7.10 to be marked unstable.

The regression seems to be known and a fix is being discussed[4] but while we wait I'd ask to either revert commit 0366100 in recent gentoo-sources and/or restore a gentoo-sources ebuild >=3.7.1 and <=3.7.7 so we have a working version to use.

Comment 1 Thomas Deutschmann (RETIRED) gentoo-dev 2016-11-30 00:09:29 UTC
All LTS kernel patched and stable. Waiting for stable sys-kernel/gentoo-sources-3.4er ebuild...
Comment 2 Tomáš Mózes 2018-12-10 09:39:57 UTC
Security, can you please close this obsolete one? Thanks