Information

AdvisoryXSA-117
Public release 2015-02-12 12:00
Updated 2015-02-12 17:41
Version 2
CVE(s) CVE-2015-0268
Title arm: vgic-v2: GICD_SGIR is not properly emulated

Files

advisory-117.txt (signed advisory file)
xsa117.patch

Advisory


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

            Xen Security Advisory CVE-2015-0268 / XSA-117
                              version 2

           arm: vgic-v2: GICD_SGIR is not properly emulated

UPDATES IN VERSION 2
====================

CVE assigned.

Mention CVE and XSA numbers in patch commit message.

Public release.

ISSUE DESCRIPTION
=================

When decoding a guest write to a specific register in the virtual
interrupt controller Xen would treat an invalid value as a critical
error and crash the host.

IMPACT
======

By writing an invalid value to the GICD.SGIR register a guest can
crash the host, resulting in a Denial of Service attack.

VULNERABLE SYSTEMS
==================

Xen 4.5 and later systems running on ARM hardware with version 2 of
the generic interrupt controller are vulnerable.

Systems running on ARM hardware with version 3 of the generic
interrupt controller are not vulnerable.

x86 systems are not affected.

MITIGATION
==========

None.

CREDITS
=======

This issue was discovered by Julien Grall.

RESOLUTION
==========

Applying the appropriate attached patch resolves this issue.

xsa117.patch        Xen 4.5.x, xen-unstable

$ sha256sum xsa117*.patch
5d7c1ec3bd604ed49999a56fefeebda1206f424b1b48c0e44899f13bc1e55cd0  xsa117.patch
$
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJU3OW0AAoJEIP+FMlX6CvZePcH/06WboLULU7JEfvzFqpnxpQV
XmNXCuvjcOt4d/w77a78kq8Bw8RUiDHR3f6qb+sJeNsJ1V55o0/KGgydEu+DqoF7
3bftmPDvuBcqoF3+7KupjRp0sBU+11Q/Jtb+P/0ZtVReFKGxmpg8kBura56rL3wf
iL1kMA4V0Kd4abmXXr6yUJMQuI19OZSQ43Zo7F9kOomyc7lcKB6vhnMtCiXw1F9Y
zfnyP1V1s5h77juSe01pQhEqjDlKv/NNkfJav6s7eVYVbJAwFgUP2vOZ14t2dR+o
5M8PPwF6EFBm421Z1D67caBh1ovGzeywZcrCl8nxuex+dqwomLymIMaL0P/fY6g=
=edQs
-----END PGP SIGNATURE-----


Xenproject.org Security Team