Client area
Free Trial

Xen 3.4.4 RPM Update (CVE-2012-3494 CVE-2012-3496)

Update RPM’s for Xen 3.4.4 are available from our repo http://wiki.solusvm.com/index.php?title=Software_Repositories

Changelog:

Security patches for CVE-2012-3494 & CVE-2012-3496

CVE-2012-3494

http://seclists.org/oss-sec/2012/q3/376

[quote]
Xen Security Advisory CVE-2012-3494 / XSA-12
version 3

hypercall set_debugreg vulnerability

UPDATES IN VERSION 3
====================

Public release.

ISSUE DESCRIPTION
=================

set_debugreg allows writes to reserved bits of the DR7 debug control
register on x86-64.

IMPACT
======

A malicious guest can cause the host to crash, leading to a DoS.

If the vulnerable hypervisor is run on future hardware, the impact of
the vulnerability might be widened depending on the future assignment
of the currently-reserved debug register bits.

VULNERABLE SYSTEMS
==================

All systems running 64-bit paravirtualised guests.

The vulnerability dates back to at least Xen 4.0. 4.0, 4.1, the 4.2
RCs, and xen-unstable.hg are all vulnerable.

MITIGATION
==========

This issue can be mitigated by ensuring (inside the guest) that the
kernel is trustworthy, or by running only 32-bit or HVM guests.[/quote]

CVE-2012-3496

http://seclists.org/oss-sec/2012/q3/378

[quote] Xen Security Advisory CVE-2012-3496 / XSA-14
version 3

XENMEM_populate_physmap DoS vulnerability

UPDATES IN VERSION 3
====================

Public release. Credit Matthew Daley.

ISSUE DESCRIPTION
=================

XENMEM_populate_physmap can be called with invalid flags. By calling
it with MEMF_populate_on_demand flag set, a BUG can be triggered if a
translating paging mode is not being used.

IMPACT
======

A malicious guest kernel can crash the host.

VULNERABLE SYSTEMS
==================

All Xen systems running PV guests. Systems running only HVM guests
are not vulnerable.

The vulnerability dates back to at least Xen 4.0. 4.0, 4.1, the 4.2
RCs, and xen-unstable.hg are all vulnerable.

MITIGATION
==========

This issue can be mitigated by ensuring that the guest kernel is
trustworthy or by running only HVM guests.

RESOLUTION
==========

Applying the appropriate attached patch will resolve the issue.

CREDIT
======

Thanks to Matthew Daley for finding this vulnerability (and that in
XSA-12) and notifying the Xen.org security team.[/quote]

Leave a Reply

Your email address will not be published. Required fields are marked *

Have you read enough?

Embrace the trial

Schaffhausen (Global Headquarters)
Vordergasse 59
8200 Schaffhausen / CH

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

Pricing
SolusVM 1.0
Features

Documentation
Support
UserVoice
Free Course

Release Notes
Privacy Policy
Terms of Service
GDPR Processors

PRODUCT
Pricing
SolusVM 1.0
Features
Blog

SUPPORT
Documentation
Support
UserVoice
Free Course

LEGAL
Release Notes
Privacy Policy
Terms of Service
GDPR Processors

© 2024 WebPros International GmbH. All rights reserved. Plesk and the Plesk logo are trademarks of WebPros International GmbH.