[Pkg-xen-devel] Bug#730254: xen: CVE-2013-6375: Insufficient TLB flushing in VT-d (iommu) code

Henri Salo henri at nerv.fi
Sat Nov 23 09:41:29 UTC 2013


Package: xen
Version: 4.0.1-5.11
Severity: important
Tags: security, patch, fixed-upstream

http://www.openwall.com/lists/oss-security/2013/11/21/2

Description:

An inverted boolean parameter resulted in TLB flushes not happening
upon clearing of a present translation table entry.  Retaining stale
TLB entries could allow guests access to memory that ought to have
been revoked, or grant greater access than intended.

Impact:

Malicious guest administrators might be able to cause host-wide denial
of service, or escalate their privilege to that of the host.

Patch attached. Please patch this security vulnerability, thanks.

-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.11-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
-------------- next part --------------
A non-text attachment was scrubbed...
Name: xsa78.patch
Type: text/x-diff
Size: 888 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-xen-devel/attachments/20131123/05f79b54/attachment.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-xen-devel/attachments/20131123/05f79b54/attachment.sig>
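
Added example, not part of the original report and not Xen's code: a simplified C model of the bug class the description names, where a flush helper is handed the negation of the old entry's present bit and a cached translation outlives its revocation. All names (`table_entry`, `cached`, `iotlb_flush`, `clear_mapping`, `access_survives_revocation`) are hypothetical.

```c
#include <stdbool.h>
#include <stdio.h>

/* Toy model (not Xen code): one translation entry and one cached IOTLB entry. */
static struct { bool present; } table_entry;
static struct { bool valid;   } cached;

/* Device access: the IOTLB is consulted first, the table only on a miss. */
static bool device_can_access(void)
{
    if (!cached.valid) {
        if (!table_entry.present)
            return false;          /* fault: mapping is gone */
        cached.valid = true;       /* fill the cache from the table */
    }
    return true;
}

/* Hypothetical helper: skip the flush only if the OLD entry was not present. */
static void iotlb_flush(bool old_pte_present)
{
    if (old_pte_present)
        cached.valid = false;
}

/* Clear a mapping; 'inverted' passes the negated present bit (the bug class). */
static void clear_mapping(bool inverted)
{
    bool was_present = table_entry.present;
    table_entry.present = false;
    iotlb_flush(inverted ? !was_present : was_present);
}

/* Map, warm the IOTLB, revoke, then report whether the device still gets in. */
static bool access_survives_revocation(bool inverted)
{
    table_entry.present = true;
    cached.valid = false;
    device_can_access();           /* first access caches the translation */
    clear_mapping(inverted);
    return device_can_access();
}

int main(void)
{
    printf("stale access: inverted=%d correct=%d\n",
           access_survives_revocation(true), access_survives_revocation(false));
    return 0;
}
```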

