Difference between revisions of "Security Announcements (Historical)"

From Xen
m (Formatting)
(Add references to fixes for XSA-7 through -9)
Line 88: Line 88:
 
: 12 June 2012 (public disclosure)
 
: 12 June 2012 (public disclosure)
 
; References
 
; References
  +
: [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0217 CVE-2012-0217]
: CVE-2012-0217
 
 
; Advisory
 
; Advisory
 
: http://lists.xen.org/archives/html/xen-announce/2012-06/msg00001.html
 
: http://lists.xen.org/archives/html/xen-announce/2012-06/msg00001.html
  +
; Fixes
  +
: xen-unstable.hg: [http://xenbits.xen.org/hg/xen-unstable.hg/rev/76eaf5966c05 25480:76eaf5966c05]
  +
: xen-4.1-testing.hg: [http://xenbits.xen.org/hg/xen-4.1-testing.hg/rev/f08e61b9b33f 23299:f08e61b9b33f]
  +
: xen-4.0-testing.hg: [http://xenbits.xen.org/hg/xen-4.0-testing.hg/rev/dd367837e089 21590:dd367837e089]
   
 
= XSA-8 guest denial of service on syscall/sysenter exception generation =
 
= XSA-8 guest denial of service on syscall/sysenter exception generation =
Line 96: Line 100:
 
: 12 June 2012 (public disclosure)
 
: 12 June 2012 (public disclosure)
 
; References
 
; References
  +
: [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0218 CVE-2012-0218]
: CVE-2012-0218
 
 
; Advisory
 
; Advisory
 
: http://lists.xen.org/archives/html/xen-announce/2012-06/msg00003.html
 
: http://lists.xen.org/archives/html/xen-announce/2012-06/msg00003.html
  +
; Fixes
  +
: xen-unstable.hg: [http://xenbits.xen.org/hg/xen-unstable.hg/rev/80f4113be500 25200:80f4113be500] & [http://xenbits.xen.org/hg/xen-unstable.hg/rev/569d6f05e1ef 25204:569d6f05e1ef]
  +
: xen-4.1-testing.hg: [http://xenbits.xen.org/hg/xen-4.1-testing.hg/rev/0fec1afa4638 23300:0fec1afa4638]
  +
: xen-4.0-testing.hg: [http://xenbits.xen.org/hg/xen-4.0-testing.hg/rev/adb943a387c8 21591:adb943a387c8]
   
 
= XSA-9 PV guest host Denial of Service (AMD erratum #121) =
 
= XSA-9 PV guest host Denial of Service (AMD erratum #121) =
Line 104: Line 112:
 
: 12 June 2012 (public disclosure)
 
: 12 June 2012 (public disclosure)
 
; References
 
; References
  +
: [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2934 CVE-2012-2934]
: CVE-2012-2934
 
 
; Advisory
 
; Advisory
 
: http://lists.xen.org/archives/html/xen-announce/2012-06/msg00002.html
 
: http://lists.xen.org/archives/html/xen-announce/2012-06/msg00002.html
  +
; Fixes
  +
: xen-unstable.hg: [http://xenbits.xen.org/hg/xen-unstable.hg/rev/bc2f3a848f9a 25481:bc2f3a848f9a]
  +
: xen-4.1-testing.hg: [http://xenbits.xen.org/hg/xen-4.1-testing.hg/rev/a9c0a89c08f2 23301:a9c0a89c08f2]
  +
: xen-4.0-testing.hg: [http://xenbits.xen.org/hg/xen-4.0-testing.hg/rev/e35c8bb53255 21592:e35c8bb53255]
   
 
<!-- Template:
 
<!-- Template:

Revision as of 15:35, 27 July 2012

The following security advisories have been made in accordance with the xen.org security problem response process.

Please contact security@xen.org if you wish to disclose a security vulnerability.

XSA-1 Host crash due to failure to correctly validate PV kernel execution state.

Date
14 March 2011
References
CVE-2011-1166
Advisory
Cannot specify user mode execution without specifying user-mode pagetables. Failure to validate this allows a malicious or buggy 64 bit PV guest to crash the host.
nb: predates vulnerability handling process and therefore no formal announcement
Fixes
xen-unstable.hg: 23034:c79aae866ad8
xen-4.1-testing.hg: 22993:842aed720b84
xen-4.0-testing.hg: 21461:ee088a0b5cb8

XSA-2 PV kernel validation vulnerabilities

Date
9 May 2011
References
CVE-2011-1583
Advisory
http://lists.xen.org/archives/html/xen-devel/2011-05/msg00483.html
Fixes
xen-unstable.hg: 23322:d9982136d8fa
xen-4.1-testing.hg: 23042:e2e575f8b5d9
xen-4.0-testing.hg: 21482:c2adc059e931

XSA-3 VT-d (PCI passthrough) MSI

Date
12 May 2011
References
CVE-2011-1898
Advisory
http://lists.xen.org/archives/html/xen-devel/2011-05/msg00687.html
Fixes
xen-unstable.hg: 23337:cc91832a02c7
xen-4.1-testing.hg: 23046:ed630a821de1
xen-4.0-testing.hg: 21485:b85a9e58ec3a

XSA-4 Xen 3.3 vaddr validation

Date
2 September 2011
References
CVE-2011-2901
Advisory
http://lists.xen.org/archives/html/xen-devel/2011-09/msg00119.html
Fixes
xen-unstable.hg: 23800:72edc40e2942
nb: although the off-by-one error was fixed in the above changeset only Xen version 3.3 and earlier were vulnerable due to this error.

XSA-5 IOMMU Fault Live lock

Date
12 August 2011
References
CVE-2011-3131
Advisory
http://lists.xen.org/archives/html/xen-devel/2011-08/msg00450.html
Fixes
xen-unstable.hg: 23762:537ed3b74b3f
xen-4.1-testing.hg: 23112:84e3706df07a
xen-4.0-testing.hg: 21535:789ff1a462b8

XSA-6 HVM e1000, buffer overflow

Date
2 February 2012
References
CVE-2012-0029
Advisory
http://lists.xen.org/archives/html/xen-devel/2012-02/msg00212.html
Fixes
qemu-xen-unstable.git: ebe37b2a3f844bad02dcc30d081f39eda06118f8
qemu-xen-4.1-testing.git: 3cf61880403b4e484539596a95937cc066243388
qemu-xen-4.0-testing.git: 36984c285a765541b04f378bfa84d2c850c167d3

In each case the QEMU_TAG in the corresponding xen.hg repository has been updated so that a completely fresh build will pick up the fix:

xen-unstable.hg: 24673:fcc071c31e3a
xen-4.1-testing.hg: 23224:cccd6c68e1b9
xen-4.0-testing.hg: 21563:3feb83eed6bd

XSA-7 64-bit PV guest privilege escalation vulnerability

Date
12 June 2012 (public disclosure)
References
CVE-2012-0217
Advisory
http://lists.xen.org/archives/html/xen-announce/2012-06/msg00001.html
Fixes
xen-unstable.hg: 25480:76eaf5966c05
xen-4.1-testing.hg: 23299:f08e61b9b33f
xen-4.0-testing.hg: 21590:dd367837e089

XSA-8 guest denial of service on syscall/sysenter exception generation

Date
12 June 2012 (public disclosure)
References
CVE-2012-0218
Advisory
http://lists.xen.org/archives/html/xen-announce/2012-06/msg00003.html
Fixes
xen-unstable.hg: 25200:80f4113be500 & 25204:569d6f05e1ef
xen-4.1-testing.hg: 23300:0fec1afa4638
xen-4.0-testing.hg: 21591:adb943a387c8

XSA-9 PV guest host Denial of Service (AMD erratum #121)

Date
12 June 2012 (public disclosure)
References
CVE-2012-2934
Advisory
http://lists.xen.org/archives/html/xen-announce/2012-06/msg00002.html
Fixes
xen-unstable.hg: 25481:bc2f3a848f9a
xen-4.1-testing.hg: 23301:a9c0a89c08f2
xen-4.0-testing.hg: 21592:e35c8bb53255