Information
Advisory | XSA-43 |
Public release | 2013-02-05 12:00 |
Updated | 2023-12-15 15:35 |
Version | 3 |
CVE(s) | CVE-2013-0231 |
Title | Linux pciback DoS via not rate limited log messages. |
Files
advisory-43.txt (signed advisory file)
xsa43-classic.patch
xsa43-pvops.patch
Advisory
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Xen Security Advisory CVE-2013-0231 / XSA-43
version 3
Linux pciback DoS via not rate limited log messages.
UPDATES IN VERSION 3
====================
Normalize version tags
ISSUE DESCRIPTION
=================
Xen's PCI backend drivers in Linux allow a guest with assigned PCI device(s)
to cause a DoS through a flood of kernel messages, potentially affecting other
domains in the system.
IMPACT
======
A malicious guest can mount a DoS affecting the entire system.
VULNERABLE SYSTEMS
==================
All systems running guests with access to passed through PCI devices are
vulnerable.
Both mainline ("pvops") and classic-Xen patch kernels are affected.
MITIGATION
==========
This issue can be avoided by not assigning PCI devices to untrusted
guests.
RESOLUTION
==========
Applying the appropriate attached patch resolves this issue.
xsa43-pvops.patch Linux 3.8-rc5
xsa43-classic.patch linux-2.6.18-xen
$ sha256sum xsa43*.patch
4dec2d9b043bce2b8b54578573ba254fa7e6cbf4640cd100f40d8bf8a5a6a470 xsa43-classic.patch
6efe83c9951dcba20f18095814d19089e19230c6876bbdab32cc2f1165bb07c8 xsa43-pvops.patch
$
Xenproject.org Security Team
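The failure mode the advisory describes, shown as an added illustration that is not taken from the advisory or from the XSA-43 patches: a user-space C model of interval/burst rate limiting applied to a log call that a guest can trigger at will. All names (`rl_state`, `rl_allow`, `simulate_flood`) and the budget of 10 messages per 5 seconds are assumptions made for the example.

```c
#include <stdio.h>

/* User-space model of interval/burst log rate limiting (hypothetical names). */
struct rl_state {
    long interval_ms;  /* window length */
    int  burst;        /* messages allowed per window */
    long begin_ms;     /* start of the current window */
    int  printed;      /* messages emitted in the current window */
    long missed;       /* messages suppressed in total */
    int  started;      /* 0 until the first window is opened */
};

/* Returns 1 if the caller may log at time now_ms, 0 if the message is dropped. */
static int rl_allow(struct rl_state *rs, long now_ms)
{
    if (!rs->started || now_ms - rs->begin_ms >= rs->interval_ms) {
        rs->begin_ms = now_ms;   /* window expired: open a new one */
        rs->printed = 0;
        rs->started = 1;
    }
    if (rs->printed < rs->burst) {
        rs->printed++;
        return 1;
    }
    rs->missed++;                /* over budget: count it, do not log */
    return 0;
}

/* Simulate `events` guest-triggered error paths, one every spacing_ms.
 * limit == 0 models the unfixed behaviour: every event produces a log line. */
static long simulate_flood(long events, long spacing_ms, int limit, long *missed)
{
    struct rl_state rs = { 5000, 10, 0, 0, 0, 0 };  /* constructed budget: 10 msgs / 5 s */
    long emitted = 0;
    for (long i = 0; i < events; i++) {
        if (!limit || rl_allow(&rs, i * spacing_ms))
            emitted++;
    }
    if (missed)
        *missed = rs.missed;
    return emitted;
}

int main(void)
{
    long missed = 0;
    printf("unlimited: %ld lines\n", simulate_flood(100000, 1, 0, NULL));
    printf("limited:   %ld lines\n", simulate_flood(100000, 1, 1, &missed));
    printf("suppressed: %ld\n", missed);
    return 0;
}
```

With the limiter in place, the number of log lines depends on elapsed time rather than on how many times the guest triggers the message, which is what bounds the load on the host.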