[Oraclevm-errata] OVMSA-2013-0009 Important: Oracle VM 3.1 xen security update

Errata Announcements for Oracle VM oraclevm-errata at oss.oracle.com
Thu Feb 7 15:46:12 PST 2013


Oracle VM Security Advisory OVMSA-2013-0009

The following updated rpms for Oracle VM 3.1 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
xen-4.1.2-18.el5.37.x86_64.rpm
xen-devel-4.1.2-18.el5.37.x86_64.rpm
xen-tools-4.1.2-18.el5.37.x86_64.rpm


SRPMS:
http://oss.oracle.com/oraclevm/server/3.1/SRPMS-updates/xen-4.1.2-18.el5.37.src.rpm



Description of changes:

[4.1.2-18.el5.37]
- oxenstored incorrect handling of certain Xenbus ring states
   Xen Security Advisory 38 (CVE-2013-0215)
   Patch xsa38.patch
   The oxenstored daemon (the ocaml version of the xenstore daemon) does
   not correctly handle unusual or malicious contents in the xenstore
   ring.  A malicious guest can exploit this to cause oxenstored to read
   past the end of the ring (and very likely crash) or to allocate large
   amounts of RAM.
   Signed-off-by Chuck Anderson <chuck.anderson at oracle.com>
   Reviewed-by: John Haxby <john.haxby at oracle.com> [bug 16273898] 
{CVE-2013-0215}

[4.1.2-18.el5.36]
- ACPI: acpi_table_parse() should return handler's error code
   Currently, the error code returned by acpi_table_parse()'s handler
   is ignored. This patch will propagate handler's return value to
   acpi_table_parse()'s caller.
   AMD,IOMMU: Clean up old entries in remapping tables when creating new
   interrupt mapping.
   When changing the affinity of an IRQ associated with a passed
   through PCI device, clear previous mapping.
   In addition, because some BIOSes may incorrectly program IVRS
   entries for IOAPIC try to check for entry's consistency. Specifically,
   if conflicting entries are found disable IOMMU if per-device
   remapping table is used. If entries refer to bogus IOAPIC IDs
   disable IOMMU unconditionally
   AMD,IOMMU: Disable IOMMU if SATA Combined mode is on
   AMD's SP5100 chipset can be placed into SATA Combined mode
   that may cause prevent dom0 from booting when IOMMU is
   enabled and per-device interrupt remapping table is used.
   While SP5100 erratum 28 requires BIOSes to disable this mode,
   some may still use it.
   This patch checks whether this mode is on and, if per-device
   table is in use, disables IOMMU.
   AMD,IOMMU: Make per-device interrupt remapping table default
   Using global interrupt remapping table may be insecure, as
   described by XSA-36. This patch makes per-device mode default.
   This is XSA-36 / CVE-2013-0153.
   Signed-off-by: Jan Beulich <jbeulich at suse.com>
   Signed-off-by: Boris Ostrovsky <boris.ostrovsky at amd.com>
   Signed-off-by: Chuck Anderson <chuck.anderson at oracle.com>
   Reviewed-by: John Haxby <john.haxby at oracle.com> [bug 16243169] 
{CVE-2013-0153}




More information about the Oraclevm-errata mailing list