Xen.org security team
2012-Nov-13 12:56 UTC
Xen Security Advisory 20 (CVE-2012-4535) - Timer overflow DoS vulnerability
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Xen Security Advisory CVE-2012-4535 / XSA-20
version 2
Timer overflow DoS vulnerability
UPDATES IN VERSION 2
===================
Public release.
ISSUE DESCRIPTION
================
A guest which sets a VCPU with an inappropriate deadline can cause an
infinite loop in Xen, blocking the affected physical CPU
indefinitely.
IMPACT
=====
A malicious guest administrator can trigger the bug. If the Xen
watchdog is enabled, the whole system will crash. Otherwise the guest
can cause the system to become completely unresponsive.
VULNERABLE SYSTEMS
=================
All versions of Xen from at least 3.4 onwards are vulnerable, to every
kind of guest.
Systems with only trusted guest kernels are not vulnerable.
MITIGATION
=========
There is no mitigation available other than to use a trusted guest
kernel.
RESOLUTION
=========
The attached patch resolves this issue. The same patch is applicable
to all affected versions.
$ sha256sum xsa20.patch
954f43a3b912d551b6534d3962d0bab3db820222a3bff211b545e526f9161c71 xsa20.patch
$
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQEcBAEBAgAGBQJQokGkAAoJEIP+FMlX6CvZzB0H/2H7Z/zxYOQtC2QLT77voNvI
/dCGnO+tUxcn9zsPOTkQjTmd7XrSaCdV9IoKmssZCwTBlHzRiwvFWQBinqrU8SZb
8UCv4O1zxg4Ygv/9nlJVxI8Xq9+uyxc/RaMeKlMCsW2rSKut9zmHI9HU+FT5kqG9
0vEXhZW4/MwOFbH+03LoHgjXqW8LOLNZtBg9u5rF5iCDLnltdAC//3kFXA5UG391
JAzAdBUOOaf2OAnL4tEpEV6ksmeaxjckg63P5T61MUqiFJo/5AL5tu0kEKGHF7jH
X4tDkSoV7Rbma4kNN3SbYjAkYGtsrGDeVS7HlhPbyZpKQVUJN+bSMYto3r8lVMM=nj9Z
-----END PGP SIGNATURE-----
_______________________________________________
Xen-users mailing list
Xen-users@lists.xen.org
http://lists.xen.org/xen-users