
oss-sec mailing list archives

Xen Security Advisory 20 (CVE-2012-4535) - Timer overflow DoS vulnerability
From: Xen.org security team <security () xen org>
Date: Tue, 13 Nov 2012 12:56:06 +0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

                 Xen Security Advisory CVE-2012-4535 / XSA-20
                                version 2

                       Timer overflow DoS vulnerability

UPDATES IN VERSION 2
====================

Public release.

ISSUE DESCRIPTION
=================

A guest which sets a VCPU with an inappropriate deadline can cause an
infinite loop in Xen, blocking the affected physical CPU
indefinitely.

IMPACT
======

A malicious guest administrator can trigger the bug.  If the Xen
watchdog is enabled, the whole system will crash.  Otherwise the guest
can cause the system to become completely unresponsive.

VULNERABLE SYSTEMS
==================

All versions of Xen from at least 3.4 onwards are vulnerable, to every
kind of guest.

Systems with only trusted guest kernels are not vulnerable.

MITIGATION
==========

There is no mitigation available other than to use a trusted guest
kernel.

RESOLUTION
==========

The attached patch resolves this issue.  The same patch is applicable
to all affected versions.

$ sha256sum xsa20.patch
954f43a3b912d551b6534d3962d0bab3db820222a3bff211b545e526f9161c71  xsa20.patch
$

Attachment: xsa20.patch