[Pkg-xen-devel] Bug#976109: Bug#976109: xen: CVE-2020-29040

Hans van Kranenburg hans at knorrie.org
Mon Nov 30 11:36:55 GMT 2020


Hi,

On 11/29/20 8:50 PM, Salvatore Bonaccorso wrote:
> Source: xen
> Version: 4.14.0+80-gd101b417b7-1
> Severity: grave
> Tags: security upstream
> Justification: user security hole
> X-Debbugs-Cc: carnil at debian.org, Debian Security Team <team at security.debian.org>
> 
> Hi,
> 
> The following vulnerability was published for xen.
> 
> CVE-2020-29040[0]:
> | An issue was discovered in Xen through 4.14.x allowing x86 HVM guest
> | OS users to cause a denial of service (stack corruption), cause a data
> | leak, or possibly gain privileges because of an off-by-one error.
> | NOTE: this issue is caused by an incorrect fix for CVE-2020-27671.

Yes, there's also a limited number of cases in which this is possible,
and you just left that text out, which makes it sound a lot more
horrible: "Only x86 HVM guests which have physical devices passed
through to them can leverage the vulnerability.".

I suspect that anyone today using Debian testing to run Xen who is also
passing through devices is doing that to test performance use cases and
not to run untrusted guests.

> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

Yes, it will of course be included in the next upload.

Hans
