[Oraclevm-errata] OVMSA-2014-0026 Important: Oracle VM 3.2 xen security update

Errata Announcements for Oracle VM oraclevm-errata at oss.oracle.com
Wed Oct 1 09:01:04 PDT 2014


Oracle VM Security Advisory OVMSA-2014-0026

The following updated rpms for Oracle VM 3.2 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
xen-4.1.3-25.el5.94.1.4.x86_64.rpm
xen-devel-4.1.3-25.el5.94.1.4.x86_64.rpm
xen-tools-4.1.3-25.el5.94.1.4.x86_64.rpm


SRPMS:
http://oss.oracle.com/oraclevm/server/3.2/SRPMS-updates/xen-4.1.3-25.el5.94.1.4.src.rpm



Description of changes:

[4.1.3-25.el5.94.1.4]
- x86/HVM: properly bound x2APIC MSR range
   This is XSA-108.
   Additional changelog comments added to 4.1.3-25.el5.94.1.3
   Signed-off-by: Chuck Anderson <chuck.anderson at oracle.com> [bug 19698532] {CVE-2014-7188}

[4.1.3-25.el5.94.1.3]
- Fix for bug 19698532
   Signed-off-by: Chuck Anderson <chuck.anderson at oracle.com> [bug 19698532]

[4.1.3-25.el5.94.1.2]
- x86emul: only emulate software interrupt injection for real mode
   Protected mode emulation currently lacks proper privilege checking of
   the referenced IDT entry, and there's currently no legitimate way for
   any of the respective instructions to reach the emulator when the guest
   is in protected mode.
   This is XSA-106.
   Reported-by: Andrei LUTAS <vlutas at bitdefender.com>
   Signed-off-by: Jan Beulich <jbeulich at suse.com>
   Acked-by: Keir Fraser <keir at xen.org>
   Signed-off-by: Chuck Anderson <chuck.anderson at oracle.com> [bug 19699779] {CVE-2014-7156}

[4.1.3-25.el5.94.1.1]
- x86/emulate: check cpl for all privileged instructions
   Without this, it is possible for userspace to load its own IDT or GDT.
   This is XSA-105.
   Reported-by: Andrei LUTAS <vlutas at bitdefender.com>
   Signed-off-by: Andrew Cooper <andrew.cooper3 at citrix.com>
   Reviewed-by: Jan Beulich <jbeulich at suse.com>
   Tested-by: Andrei LUTAS <vlutas at bitdefender.com>
   Signed-off-by: Chuck Anderson <chuck.anderson at oracle.com> [bug 19699770] {CVE-2014-7155}



