Bug 540068 (CVE-2015-0268) - app-emulation/xen: vgic-v2: GICD_SGIR is not properly emulated (CVE-2015-0268)
Status: RESOLVED FIXED
Alias: CVE-2015-0268
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal trivial
Assignee: Gentoo Security
URL: http://www.openwall.com/lists/oss-sec...
Whiteboard: ~3 [noglsa]
Reported: 2015-02-14 16:00 UTC by Agostino Sarubbo
Modified: 2015-04-05 03:39 UTC

Description Agostino Sarubbo gentoo-dev 2015-02-14 16:00:55 UTC
From ${URL} :

            Xen Security Advisory CVE-2015-0268 / XSA-117
                              version 2

           arm: vgic-v2: GICD_SGIR is not properly emulated

UPDATES IN VERSION 2
====================

CVE assigned.

Mention CVE and XSA numbers in patch commit message.

Public release.

ISSUE DESCRIPTION
=================

When decoding a guest write to a specific register in the virtual
interrupt controller Xen would treat an invalid value as a critical
error and crash the host.

IMPACT
======

By writing an invalid value to the GICD.SGIR register a guest can
crash the host, resulting in a Denial of Service attack.

VULNERABLE SYSTEMS
==================

Xen 4.5 and later systems running on ARM hardware with version 2 of
the generic interrupt controller are vulnerable.

Systems running on ARM hardware with version 3 of the generic
interrupt controller are not vulnerable.

x86 systems are not affected.

MITIGATION
==========

None.

CREDITS
=======

This issue was discovered by Julien Grall.

RESOLUTION
==========

Applying the appropriate attached patch resolves this issue.

xsa117.patch        Xen 4.5.x, xen-unstable



@maintainer(s): since the package or the affected version has never been marked as stable, we don't need to stabilize it. After the bump, please remove the affected versions from the tree.
Comment 1 Yixun Lan archtester gentoo-dev 2015-04-05 01:35:26 UTC
Only ARCH=arm is affected, and this is already solved in a recent version.
Comment 2 GLSAMaker/CVETool Bot gentoo-dev 2015-04-05 03:38:35 UTC
CVE-2015-0268 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0268):
  The vgic_v2_to_sgi function in arch/arm/vgic-v2.c in Xen 4.5.x, when running
  on ARM hardware with general interrupt controller (GIC) version 2, allows
  local guest users to cause a denial of service (host crash) by writing an
  invalid value to the GICD.SGIR register.
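
An added example, not part of the bug report and not Xen's vgic_v2_to_sgi code or the xsa117 patch: a decoder for a guest write to GICD_SGIR that returns an error for an encoding it does not implement instead of treating it as a fatal hypervisor error. The field layout is taken from the GICv2 architecture, the page does not say which value Xen rejected, and `decode_sgir` and `struct sgi_request` are hypothetical names.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* GICD_SGIR layout per the GICv2 architecture (not taken from the bug page):
 * [25:24] TargetListFilter, [23:16] CPUTargetList, [3:0] SGIINTID. */
enum sgi_filter { SGI_TARGET_LIST = 0, SGI_ALL_BUT_SELF = 1, SGI_SELF = 2 };

struct sgi_request {            /* hypothetical result type for this example */
    enum sgi_filter filter;
    uint8_t cpu_mask;           /* vCPUs that should receive the SGI */
    uint8_t intid;              /* SGI number, 0..15 */
};

/* Decode a guest-controlled GICD_SGIR write. Returns true and fills *out, or
 * false when the write must be ignored. It never asserts: an encoding the
 * emulation does not implement is a guest error, not a hypervisor bug. */
bool decode_sgir(uint32_t val, unsigned self, unsigned nr_vcpus,
                 struct sgi_request *out)
{
    if (nr_vcpus == 0 || nr_vcpus > 8 || self >= nr_vcpus)
        return false;           /* GICv2 addresses at most 8 CPU interfaces */

    uint8_t all = (uint8_t)((1u << nr_vcpus) - 1);
    uint8_t mask;
    unsigned filter = (val >> 24) & 0x3u;
    switch (filter) {
    case SGI_TARGET_LIST:  mask = (uint8_t)((val >> 16) & all);   break;
    case SGI_ALL_BUT_SELF: mask = (uint8_t)(all & ~(1u << self)); break;
    case SGI_SELF:         mask = (uint8_t)(1u << self);          break;
    default:               return false;  /* 0b11 is reserved: drop the write */
    }
    out->filter = (enum sgi_filter)filter;
    out->cpu_mask = mask;
    out->intid = (uint8_t)(val & 0xfu);
    return true;
}

int main(void)
{
    /* Constructed sample writes: list {0,1}, all-but-self, self, reserved. */
    const uint32_t w[] = { 0x00030005u, 0x01000002u, 0x02000001u, 0x03000000u };
    struct sgi_request r;
    for (unsigned i = 0; i < 4; i++)
        printf("%#010x -> %s\n", (unsigned)w[i],
               decode_sgir(w[i], 0, 4, &r) ? "delivered" : "ignored");
    return 0;
}
```

A caller that gets `false` would log the write at a rate-limited debug level and let the guest continue, so the host keeps running.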