Information
| Advisory | XSA-117 |
|---|
| Public release | 2015-02-12 12:00 |
|---|
| Updated | 2015-02-12 17:41 |
|---|
| Version | 2 |
|---|
| CVE(s) | CVE-2015-0268 |
|---|
| Title | arm: vgic-v2: GICD_SGIR is not properly emulated |
|---|
Files
advisory-117.txt (signed advisory file)
xsa117.patch
Advisory
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Xen Security Advisory CVE-2015-0268 / XSA-117
version 2
arm: vgic-v2: GICD_SGIR is not properly emulated
UPDATES IN VERSION 2
====================
CVE assigned.
Mention CVE and XSA numbers in patch commit message.
Public release.
ISSUE DESCRIPTION
=================
When decoding a guest write to a specific register in the virtual
interrupt controller Xen would treat an invalid value as a critical
error and crash the host.
IMPACT
======
By writing an invalid value to the GICD.SGIR register a guest can
crash the host, resulting in a Denial of Service attack.
VULNERABLE SYSTEMS
==================
Xen 4.5 and later systems running on ARM hardware with version 2 of
the generic interrupt controller are vulnerable.
Systems running on ARM hardware with version 3 of the generic
interrupt controller are not vulnerable.
x86 systems are not affected.
MITIGATION
==========
None.
CREDITS
=======
This issue was discovered by Julien Grall.
RESOLUTION
==========
Applying the appropriate attached patch resolves this issue.
xsa117.patch Xen 4.5.x, xen-unstable
$ sha256sum xsa117*.patch
5d7c1ec3bd604ed49999a56fefeebda1206f424b1b48c0e44899f13bc1e55cd0 xsa117.patch
$
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQEcBAEBAgAGBQJU3OW0AAoJEIP+FMlX6CvZePcH/06WboLULU7JEfvzFqpnxpQV
XmNXCuvjcOt4d/w77a78kq8Bw8RUiDHR3f6qb+sJeNsJ1V55o0/KGgydEu+DqoF7
3bftmPDvuBcqoF3+7KupjRp0sBU+11Q/Jtb+P/0ZtVReFKGxmpg8kBura56rL3wf
iL1kMA4V0Kd4abmXXr6yUJMQuI19OZSQ43Zo7F9kOomyc7lcKB6vhnMtCiXw1F9Y
zfnyP1V1s5h77juSe01pQhEqjDlKv/NNkfJav6s7eVYVbJAwFgUP2vOZ14t2dR+o
5M8PPwF6EFBm421Z1D67caBh1ovGzeywZcrCl8nxuex+dqwomLymIMaL0P/fY6g=
=edQs
-----END PGP SIGNATURE-----
Xenproject.org Security Team