Information
| Advisory | XSA-245 |
|---|
| Public release | 2017-09-28 17:26 |
|---|
| Updated | 2023-12-15 15:35 |
|---|
| Version | 3 |
|---|
| CVE(s) | CVE-2017-17046 |
|---|
| Title | ARM: Some memory not scrubbed at boot |
|---|
Files
advisory-245.txt (signed advisory file)
xsa245.meta
xsa245/0001-xen-page_alloc-Cover-memory-unreserved-after-boot-in.patch
xsa245/0002-xen-arm-Correctly-report-the-memory-region-in-the-du.patch
Advisory
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Xen Security Advisory CVE-2017-17046 / XSA-245
version 3
ARM: Some memory not scrubbed at boot
UPDATES IN VERSION 3
====================
Normalize version tags
NOTE REGARDING LACK OF EMBARGO
==============================
This bug was discussed publicly before it was realised that it was a
security vulnerability.
ISSUE DESCRIPTION
=================
Data can remain readable in DRAM across soft and even hard reboots.
To ensure that sensitive data is not leaked from one domain to another
after a reboot, Xen must "scrub" all memory on boot (write it with
zeroes).
Unfortunately, it was discovered that when memory was in disjoint blocks,
or when the first block didn't begin at physical address 0, arithmetic
errors meant that some memory was not scrubbed.
IMPACT
======
Sensitive information from one domain before a reboot might be visible
to another domain after a reboot.
VULNERABLE SYSTEMS
==================
Only ARM systems are vulnerable.
All versions of Xen since 4.5 are vulnerable.
Only hardware with disjoint blocks, or physical addresses not starting at 0
are vulnerable; this includes the majority of ARM systems.
MITIGATION
==========
None.
RESOLUTION
==========
Applying the appropriate attached patches resolves this issue.
xsa245/*.patch Xen (All versions)
$ sha256sum xsa245* xsa245*/*
121829263b85fcb5eac8e38fb44e77d3aab1dd7ae6ef665bf84bb49e5e161d24 xsa245.meta
526f9e1b127fbb316762ce8e8f4563bc9de0c55a1db581456a3017d570d35bdd xsa245/0001-xen-page_alloc-Cover-memory-unreserved-after-boot-in.patch
7164010112fcccd9cd88e72ace2eeabdb364dd6f4d05c434686267d18067f420 xsa245/0002-xen-arm-Correctly-report-the-memory-region-in-the-du.patch
$
-----BEGIN PGP SIGNATURE-----
iQFABAEBCAAqFiEEI+MiLBRfRHX6gGCng/4UyVfoK9kFAmV8b/cMHHBncEB4ZW4u
b3JnAAoJEIP+FMlX6CvZ61wH/jgt5kcdlwzHnABoj9kWyd83WkiG9Rut5qlfhva8
Lnsw/fkkp9XNJzB5I4W1a6GGb/jF3lR+Xzz7RPhS7FL17Cb+NvglNbq66AJ7jiyq
NL1gUBgyO5cT8xL8NWWh5h9L/kt25N6lH/8Pr6uNmui4gYM9slSOvC6eiFj6dUa2
q5qpt6U+A5n8iYHHFuCIfY213CuRb/ltlbFGuRlpyPr8fhM3+ViWN5M1HCEMnvAn
qtIL9JuHEUONsCRK3o7FHdaHm60uF5S5hL8ETSnxWiOf7bJrfytU6D6y44tCcCQ+
6bVesvdZzgQR07dpSAaGvHMCt1y+WU2fCQ2sRus9+iA01QM=
=Vejn
-----END PGP SIGNATURE-----
Xenproject.org Security Team