Bug #3460

Bug #3456: xen: one more issue pack (CVE-2014-7154, CVE-2014-7155, CVE-2014-7156, CVE-2014-7188)

[v3.0] xen: one more issue pack (CVE-2014-7154, CVE-2014-7155, CVE-2014-7156, CVE-2014-7188)

Added by Alexander Belous over 4 years ago. Updated over 4 years ago.

Status: Closed
Priority: Normal
Category: Security
Start date: 10/17/2014
% Done: 100%

Description

CVE-2014-7154 / XSA-104: Race condition in HVMOP_track_dirty_vram

VULNERABLE SYSTEMS: Xen versions from 4.0.0 onwards are vulnerable. This vulnerability is only applicable to Xen systems using stub domains or other forms of disaggregation of control domains for HVM guests.

RESOLUTION: Applying patch xsa104.patch (xen-unstable, Xen 4.4.x, Xen 4.3.x, Xen 4.2.x) resolves this issue. You can find the patch at the link below.
http://seclists.org/oss-sec/2014/q3/att-635/xsa104.patch

CVE-2014-7155 / XSA-105: Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation

VULNERABLE SYSTEMS: Xen versions from at least 3.2.x onwards are vulnerable. Older versions have not been inspected. Only user processes in HVM guests can take advantage of this vulnerability.

RESOLUTION: Applying patch xsa105.patch (xen-unstable, Xen 4.4.x, Xen 4.3.x, Xen 4.2.x) resolves this issue. You can find the patch at the link below.
http://seclists.org/oss-sec/2014/q3/att-637/xsa105.patch

CVE-2014-7156 / XSA-106: Missing privilege level checks in x86 emulation of software interrupts

VULNERABLE SYSTEMS: Xen versions from 3.3 onwards are vulnerable. Only user processes in HVM guests can take advantage of this vulnerability.

RESOLUTION: Applying patch xsa106.patch (xen-unstable, Xen 4.4.x, Xen 4.3.x, Xen 4.2.x) resolves this issue. You can find the patch at the link below.
http://seclists.org/oss-sec/2014/q3/att-636/xsa106.patch

CVE-2014-7188 / XSA-108: Improper MSR range used for x2APIC emulation

VULNERABLE SYSTEMS: Xen 4.1 and onward are vulnerable. Only x86 systems are vulnerable. ARM systems are not vulnerable.

RESOLUTION: Applying patch xsa108.patch (xen-unstable, Xen 4.4.x, Xen 4.3.x, Xen 4.2.x) resolves this issue. You can find the patch at the link below.
http://seclists.org/oss-sec/2014/q4/att-7/xsa108.patch

References:
http://seclists.org/oss-sec/2014/q3/635
http://seclists.org/oss-sec/2014/q3/637
http://seclists.org/oss-sec/2014/q3/636
http://seclists.org/oss-sec/2014/q4/7

Associated revisions

Revision 165a0d9b (diff)
Added by Natanael Copa over 4 years ago

main/xen: security fixes (CVE-2014-7154, CVE-2014-7155, CVE-2014-7156)

XSA-104 CVE-2014-7154 Race condition in HVMOP_track_dirty_vram
XSA-105 CVE-2014-7155 Missing privilege level checks in x86 HLT, LGDT,
LIDT, and LMSW emulation
XSA-106 CVE-2014-7156 Missing privilege level checks in x86 emulation
of software interrupts

fixes #3460

History

#1 Updated by Natanael Copa over 4 years ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

#2 Updated by Natanael Copa over 4 years ago

  • Category set to Security
  • Status changed from Resolved to Closed
