Otkriveno je više sigurnosnih propusta u radu programskog paketa Xen. Zloćudni korisnik spomenute ranjivosti može iskoristiti za dobivanje većih ovlasti, izvršavanje proizvoljnog programskog koda te napad uskraćivanjem usluga (DoS).
Paket: | xen 4.x |
Operacijski sustavi: | Fedora 15, Fedora 16, Fedora 17 |
Kritičnost: | 7.4 |
Problem: | cjelobrojno prepisivanje, pogreška u programskoj funkciji, pogreška u programskoj komponenti, preljev međuspremnika |
Iskorištavanje: | lokalno/udaljeno |
Posljedica: | dobivanje većih privilegija, proizvoljno izvršavanje programskog koda, uskraćivanje usluga (DoS) |
Rješenje: | programska zakrpa proizvođača |
CVE: | CVE-2012-0217, CVE-2012-0218, CVE-2012-2934, CVE-2012-2625, CVE-2012-0029, CVE-2011-3131, CVE-2011-1898, CVE-2011-1583 |
Izvorni ID preporuke: | FEDORA-2012-9386 |
Izvor: | Fedora |
Problem: | |
Sigurnosni propusti se javljaju zbog pogrešne implementacije komponente "User Mode Scheduler", preljeva međuspremnika u funkciji "process_tx_desc", višestrukih cjelobrojnih prepisivanja u datoteci "xc_dom_bzimageloader.c", itd. |
|
Posljedica: | |
Zloćudni korisnik spomenute ranjivosti može iskoristiti za DoS (eng. Denial of Service) napad, dobivanje većih privilegija te proizvoljno pokretanje programskog koda. |
|
Rješenje: | |
Svim se korisnicima savjetuje primjena zakrpa. |
Izvorni tekst preporuke
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-9386
2012-06-14 23:37:19
--------------------------------------------------------------------------------
Name : xen
Product : Fedora 17
Version : 4.1.2
Release : 20.fc17
URL : http://xen.org/
Summary : Xen is a virtual machine monitor
Description :
This package contains the XenD daemon and xm command line
tools, needed to manage virtual machines running under the
Xen hypervisor
--------------------------------------------------------------------------------
Update Information:
64-bit PV guest privilege escalation vulnerability [CVE-2012-0217],
guest denial of service on syscall/sysenter exception generation
[CVE-2012-0218],
PV guest host Denial of Service [CVE-2012-2934]
Enable xenconsoled by default under systemd,
adjust xend.service systemd file to avoid selinux problems
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 12 2012 Michael Young <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 4.1.2-20
- Apply three security patches
64-bit PV guest privilege escalation vulnerability [CVE-2012-0217]
guest denial of service on syscall/sysenter exception generation
[CVE-2012-0218]
PV guest host Denial of Service [CVE-2012-2934]
* Sat Jun 9 2012 Michael Young <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 4.1.2-19
- adjust xend.service systemd file to avoid selinux problems
* Fri Jun 8 2012 Michael Young <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 4.1.2-18
- Enable xenconsoled by default under systemd (#829732)
* Thu May 17 2012 Michael Young <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 4.1.2-16 4.1.2-17
- make pygrub cope better with big files from guest (#818412 CVE-2012-2625)
- add patch from 4.1.3-rc2-pre to build on F17/8
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #829732 - xenconsoled should be stared by default
https://bugzilla.redhat.com/show_bug.cgi?id=829732
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update xen' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
https://admin.fedoraproject.org/mailman/listinfo/package-announce
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-9430
2012-06-14 23:39:50
--------------------------------------------------------------------------------
Name : xen
Product : Fedora 15
Version : 4.1.2
Release : 8.fc15
URL : http://xen.org/
Summary : Xen is a virtual machine monitor
Description :
This package contains the XenD daemon and xm command line
tools, needed to manage virtual machines running under the
Xen hypervisor
--------------------------------------------------------------------------------
Update Information:
make pygrub cope better with big files from guest
(#818412 CVE-2012-2625), 64-bit PV guest privilege escalation vulnerability
[CVE-2012-0217], guest denial of service on syscall/sysenter exception
generation [CVE-2012-0218], PV guest host Denial of Service [CVE-2012-2934]
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 13 2012 Michael Young <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 4.1.2-8
- make pygrub cope better with big files from guest (#818412 CVE-2012-2625)
- 64-bit PV guest privilege escalation vulnerability [CVE-2012-0217]
- guest denial of service on syscall/sysenter exception generation
[CVE-2012-0218]
- PV guest host Denial of Service [CVE-2012-2934]
* Tue May 8 2012 Michael Young <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 4.1.2-7
- Make the udev tap rule more specific as it breaks openvpn (#819452)
- load xen-acpi-processor module (kernel 3.4 onwards) if present
* Thu Feb 2 2012 Michael Young <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 4.1.2-6
- Fix buffer overflow in e1000 emulation for HVM guests [CVE-2012-0029]
* Sat Jan 28 2012 Michael Young <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 4.1.2-5
- Start building xen's ocaml libraries if appropriate unless --without ocaml
was specified
- add some backported patches from xen unstable (via Debian) for some
ocaml tidying and fixes
* Sun Jan 15 2012 Michael Young <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 4.1.2-4
- actually apply the xend-pci-loop.patch
- compile fixes for gcc-4.7
* Wed Jan 11 2012 Michael Young <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 4.1.2-3
- Add xend-pci-loop.patch to stop xend crashing with weird PCI cards (#767742)
- avoid a backtrace if xend can't log to the standard file or a
temporary directory (part of #741042)
* Mon Nov 21 2011 Michael Young <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 4.1.2-2
- Fix lost interrupts on emulated devices
- stop xend crashing if its state files are empty at start up
- avoid a python backtrace if xend is run on bare metal
- update grub2 configuration after the old hypervisor has gone
- move blktapctrl to systemd
- Drop obsolete dom0-kernel.repo file
* Fri Oct 21 2011 Michael Young <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 4.1.2-1
- update to 4.1.2
remove upstream patches xen-4.1-testing.23104 and xen-4.1-testing.23112
* Fri Oct 14 2011 Michael Young <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 4.1.1-8
- more pygrub improvements for grub2 on guest
* Thu Oct 13 2011 Michael Young <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 4.1.1-7
- make pygrub work better with GPT partitions and grub2 on guest
* Thu Sep 29 2011 Michael Young <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 4.1.1-5 4.1.1-6
- improve systemd functionality
* Wed Sep 28 2011 Michael Young <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 4.1.1-4
- lsb header fixes - xenconsoled shutdown needs xenstored to be running
- partial migration to systemd to fix shutdown delays
- update grub2 configuration after hypervisor updates
* Sun Aug 14 2011 Michael Young <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 4.1.1-3
- untrusted guest controlling PCI[E] device can lock up host CPU [CVE-2011-3131]
* Wed Jul 20 2011 Michael Young <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 4.1.1-2
- clean up patch to solve a problem with hvmloader compiled with gcc 4.6
* Wed Jun 15 2011 Michael Young <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 4.1.1-1
- update to 4.1.1
includes various bugfixes and fix for [CVE-2011-1898] guest with pci
passthrough can gain privileged access to base domain
- remove upstream cve-2011-1583-4.1.patch
* Mon May 9 2011 Michael Young <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 4.1.0-2
- Overflows in kernel decompression can allow root on xen PV guest to gain
privileged access to base domain, or access to xen configuration info.
Lack of error checking could allow DoS attack from guest [CVE-2011-1583]
- Don't require /usr/bin/qemu-nbd as it isn't used at present.
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update xen' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
https://admin.fedoraproject.org/mailman/listinfo/package-announce
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-9399
2012-06-14 23:38:06
--------------------------------------------------------------------------------
Name : xen
Product : Fedora 16
Version : 4.1.2
Release : 8.fc16
URL : http://xen.org/
Summary : Xen is a virtual machine monitor
Description :
This package contains the XenD daemon and xm command line
tools, needed to manage virtual machines running under the
Xen hypervisor
--------------------------------------------------------------------------------
Update Information:
make pygrub cope better with big files from guest
(#818412 CVE-2012-2625), 64-bit PV guest privilege escalation vulnerability
[CVE-2012-0217], guest denial of service on syscall/sysenter exception
generation [CVE-2012-0218], PV guest host Denial of Service [CVE-2012-2934]
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 13 2012 Michael Young <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 4.1.2-8
- make pygrub cope better with big files from guest (#818412 CVE-2012-2625)
- 64-bit PV guest privilege escalation vulnerability [CVE-2012-0217]
- guest denial of service on syscall/sysenter exception generation
[CVE-2012-0218]
- PV guest host Denial of Service [CVE-2012-2934]
* Tue May 8 2012 Michael Young <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 4.1.2-7
- Make the udev tap rule more specific as it breaks openvpn (#819452)
- load xen-acpi-processor module (kernel 3.4 onwards) if present
* Thu Feb 2 2012 Michael Young <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 4.1.2-6
- Fix buffer overflow in e1000 emulation for HVM guests [CVE-2012-0029]
* Sat Jan 28 2012 Michael Young <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 4.1.2-5
- Start building xen's ocaml libraries if appropriate unless --without ocaml
was specified
- add some backported patches from xen unstable (via Debian) for some
ocaml tidying and fixes
* Sun Jan 15 2012 Michael Young <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 4.1.2-4
- actually apply the xend-pci-loop.patch
- compile fixes for gcc-4.7
* Wed Jan 11 2012 Michael Young <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 4.1.2-3
- Add xend-pci-loop.patch to stop xend crashing with weird PCI cards (#767742)
- avoid a backtrace if xend can't log to the standard file or a
temporary directory (part of #741042)
* Mon Nov 21 2011 Michael Young <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 4.1.2-2
- Fix lost interrupts on emulated devices
- stop xend crashing if its state files are empty at start up
- avoid a python backtrace if xend is run on bare metal
- update grub2 configuration after the old hypervisor has gone
- move blktapctrl to systemd
- Drop obsolete dom0-kernel.repo file
* Fri Oct 21 2011 Michael Young <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 4.1.2-1
- update to 4.1.2
remove upstream patches xen-4.1-testing.23104 and xen-4.1-testing.23112
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update xen' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Posljednje sigurnosne preporuke