Bastian Blank
2011-Apr-16 12:26 UTC
[Pkg-xen-changes] r874 - in branches/squeeze-security/xen/debian: . patches
Author: waldi
Date: Sat Apr 16 12:25:55 2011
New Revision: 874
Log:
* debian/changelog: Prepare to release (4.0.1-3).
* debian/patches/series: Update.
* debian/patches/upstream-21461:ee088a0b5cb8-CVE-2011-1166:
Fix check for existance of user-mode page tables.
Added:
branches/squeeze-security/xen/debian/patches/upstream-21461:ee088a0b5cb8-CVE-2011-1166
Modified:
branches/squeeze-security/xen/debian/changelog
branches/squeeze-security/xen/debian/patches/series
Modified: branches/squeeze-security/xen/debian/changelog
=============================================================================---
branches/squeeze-security/xen/debian/changelog Fri Apr 15 11:03:40 2011 (r873)
+++ branches/squeeze-security/xen/debian/changelog Sat Apr 16 12:25:55 2011
(r874)
@@ -1,3 +1,10 @@
+xen (4.0.1-3) stable-security; urgency=low
+
+ * Fix check for existance of user-mode page tables.
+ CVE-2011-1166
+
+ -- Bastian Blank <waldi at debian.org> Sat, 16 Apr 2011 12:15:01 +0000
+
xen (4.0.1-2) unstable; urgency=low
* Fix races in memory management.
Modified: branches/squeeze-security/xen/debian/patches/series
=============================================================================---
branches/squeeze-security/xen/debian/patches/series Fri Apr 15 11:03:40 2011
(r873)
+++ branches/squeeze-security/xen/debian/patches/series Sat Apr 16 12:25:55 2011
(r874)
@@ -68,3 +68,4 @@
upstream-21407:4e689840622f
upstream-21409:a45388506790
upstream-21413:b05fa0652463
+upstream-21461:ee088a0b5cb8-CVE-2011-1166
Added:
branches/squeeze-security/xen/debian/patches/upstream-21461:ee088a0b5cb8-CVE-2011-1166
=============================================================================---
/dev/null 00:00:00 1970 (empty, because file is newly added)
+++
branches/squeeze-security/xen/debian/patches/upstream-21461:ee088a0b5cb8-CVE-2011-1166
Sat Apr 16 12:25:55 2011 (r874)
@@ -0,0 +1,30 @@
+# HG changeset patch
+# User Tim Deegan <Tim.Deegan at citrix.com>
+# Date 1300122058 0
+# Node ID ee088a0b5cb89793da67abb3cc389f42247bba98
+# Parent b024d5ecc1943c0d74bfc04cb440ea96159e429b
+x86_64: fix error checking in arch_set_info_guest()
+
+Cannot specify user mode execution without specifying user-mode
+pagetables.
+
+Signed-off-by: Tim Deegan <Tim.Deegan at citrix.com>
+Acked-by: Keir Fraser <keir at xen.org>
+xen-unstable changeset: 23034:c79aae866ad8
+xen-unstable date: Mon Mar 14 16:59:49 2011 +0000
+
+diff -r b024d5ecc194 -r ee088a0b5cb8 xen/arch/x86/domain.c
+--- a/xen/arch/x86/domain.c Mon Mar 14 16:58:08 2011 +0000
++++ b/xen/arch/x86/domain.c Mon Mar 14 17:00:58 2011 +0000
+@@ -780,6 +780,11 @@
+
+ v->arch.guest_table_user = pagetable_from_pfn(cr3_pfn);
+ }
++ else if ( !(flags & VGCF_in_kernel) )
++ {
++ destroy_gdt(v);
++ return -EINVAL;
++ }
+ }
+ else
+ {