[Oraclevm-errata] OVMSA-2013-0004 Important: Oracle VM 3.2 xen security update

Errata Announcements for Oracle VM oraclevm-errata at oss.oracle.com
Fri Jan 18 14:36:43 PST 2013


Oracle VM Security Advisory OVMSA-2013-0004

The following updated rpms for Oracle VM 3.2 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
xen-4.1.3-25.el5.1.x86_64.rpm
xen-devel-4.1.3-25.el5.1.x86_64.rpm
xen-tools-4.1.3-25.el5.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/oraclevm/server/3.2/SRPMS-updates/xen-4.1.3-25.el5.1.src.rpm



Description of changes:

[4.1.3-25.el5.1]
- Xen Security Advisory CVE-2012-5634 / XSA-33 (v3)
   VT-d interrupt remapping source validation flaw
   UPDATES IN VERSION 3
   ====================
   The patch supplied for Xen 4.1 (xsa33-4.1.patch) contained a build
   error. A corrected patch is attached. The fix is also now available in
   http://xenbits.xen.org/hg/xen-4.1-testing.hg as changeset
   23441:2a91623a5807
   ISSUE DESCRIPTION
   =================
   When passing a device which is behind a legacy PCI Bridge through to
   a guest, Xen incorrectly configures the VT-d hardware. This could allow
   incorrect interrupts to be injected to other guests which also have
   passthrough devices.
   In a typical Xen system many devices are owned by domain 0 or driver
   domains, leaving them vulnerable to such an attack. Such a DoS is
   likely to have an impact on other guests running in the system.
   IMPACT
   ======
   A malicious domain, given access to a device which is behind a legacy
   PCI bridge, can mount a denial of service attack affecting the whole
   system.
   VULNERABLE SYSTEMS
   ==================
   Xen version 4.0 onwards is vulnerable.
   Only systems using Intel VT-d for PCI passthrough are vulnerable.
   Any domain which is given access to a PCI device that is behind a
   legacy PCI bridge can take advantage of this vulnerability.
   Domains which are given access to PCIe devices only are not able to
   take advantage of this vulnerability.
   MITIGATION
   ==========
   This issue can be avoided by not assigning PCI devices which are
   behind a legacy PCI bridge to untrusted guests.
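
A check supporting the mitigation above, as an added example that is not part of the Oracle or Xen advisory: it walks the sysfs PCI topology in dom0 and reports any upstream bridge of a device that is a conventional PCI or PCIe-to-PCI bridge. Treating those two bridge kinds as "legacy", the standard Linux sysfs layout, and all function names are assumptions of this example.

```python
# Added example, not part of the advisory. Run as root in dom0.
import os
import sys

PCI_STATUS, PCI_STATUS_CAP_LIST = 0x06, 0x10  # status register, capability-list bit
PCI_CAPABILITY_LIST = 0x34                    # pointer to the first capability
PCI_CAP_ID_EXP = 0x10                         # PCI Express capability ID
PCI_EXP_TYPE_PCI_BRIDGE = 0x7                 # PCIe-to-PCI/PCI-X bridge

def pcie_type(cfg):
    """Return the PCIe device/port type, or None if there is no PCIe capability."""
    if not cfg[PCI_STATUS] & PCI_STATUS_CAP_LIST:
        return None
    ptr, seen = cfg[PCI_CAPABILITY_LIST] & 0xFC, set()
    while 0x40 <= ptr <= len(cfg) - 4 and ptr not in seen:  # stop on loops
        seen.add(ptr)
        if cfg[ptr] == PCI_CAP_ID_EXP:
            return (cfg[ptr + 2] >> 4) & 0xF  # bits 7:4 of the PCIe capabilities register
        ptr = cfg[ptr + 1] & 0xFC
    return None

def is_legacy_bridge(cfg):
    # Assumption: "legacy" covers bridges with no PCIe capability and PCIe-to-PCI bridges.
    return pcie_type(cfg) in (None, PCI_EXP_TYPE_PCI_BRIDGE)

def legacy_bridges_upstream(bdf, sysfs="/sys/bus/pci/devices"):
    """Return legacy bridges above `bdf`; sysfs nests a device under its parent bridges."""
    path = os.path.realpath(os.path.join(sysfs, bdf))
    chain = [p for p in path.split(os.sep) if p.count(":") == 2 and "." in p][:-1]
    hits = []
    for bridge in chain:
        with open(os.path.join(sysfs, bridge, "config"), "rb") as f:
            cfg = f.read()
        if len(cfg) < 256:  # non-root reads are truncated to 64 bytes
            raise PermissionError("full config space needed; run as root")
        if is_legacy_bridge(cfg):
            hits.append(bridge)
    return hits

def sample_cfg(exp_type=None):
    """Constructed 256-byte config space; exp_type=None means no PCIe capability."""
    cfg = bytearray(256)
    if exp_type is not None:
        cfg[0x06], cfg[0x34], cfg[0x40], cfg[0x42] = 0x10, 0x40, 0x10, exp_type << 4
    return bytes(cfg)

if __name__ == "__main__":
    for bdf in sys.argv[1:]:
        print(bdf, legacy_bridges_upstream(bdf) or "no legacy bridge upstream")
```

Pass the full domain:bus:device.function address of each device planned for passthrough (for example `0000:05:00.0`, a placeholder); any bridge listed in the output means the device falls under the mitigation's "do not assign to untrusted guests" condition.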



