|Public release ||2013-04-18 12:00|
|Updated ||2013-04-18 13:35|
|Title ||Several access permission issues with IRQs for unprivileged guests|
Filesadvisory-46.txt (signed advisory file)
-----BEGIN PGP SIGNED MESSAGE-----
Xen Security Advisory CVE-2013-1919 / XSA-46
Several access permission issues with IRQs for unprivileged guests
UPDATES IN VERSION 3
Various IRQ related access control operations may not have the
intended effect, thus potentially permitting a stub domain to grant
its client domain access to an IRQ it doesn't have access to itself.
Malicious or buggy stub domains kernels can mount a denial of service
attack possibly affecting the whole system.
Only Xen systems using stub domains are vulnerable.
Only guests with passed-through IRQs or PCI devices are able to
exploit the vulnerability.
It is remotely possible that PV guests with passthrough IRQs or
devices may also be able to exploit this vulnerability, although we
think this is unlikely.
Servicing HVM guests with passthrough IRQs or PCI devices in dom0 (ie,
not using a stub domain device model) should avoid this vulnerability.
Reconfiguring the system to disable IRQ/PCI passthrough and instead
providing the guests with appropriate paravirtualised facilities will
avoid this vulnerability.
Applying the appropriate attached patch resolves this issue.
xsa46-4.1.patch Xen 4.1.x
xsa46-4.2.patch Xen 4.2.x
$ sha256sum xsa46*.patch
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
-----END PGP SIGNATURE-----
Xenproject.org Security Team