List: oss-security
Subject: [oss-security] [vendor-sec] [oss-security] New Xen ioemu: PVFB backend issue
From: Jan Lieskovsky <jlieskov () redhat ! com>
Date: 2008-05-21 17:15:00
Message-ID: 1211390100.7929.6.camel () dhcp-lab-164 ! englab ! brq ! redhat ! com

Hello guys,

on May the 15th, the following report has been posted to the
xen-unstable list:

Problem description:
====================

ioemu: Fix PVFB backend to limit frame buffer size

The recent fix to validate the frontend's frame buffer description
neglected to limit the frame buffer size correctly. This lets a
malicious frontend make the backend attempt to map an arbitrary amount
of guest memory, which could be useful for a denial of service attack
against dom0.

Proposed fix:
============

http://xenbits.xensource.com/xen-unstable.hg?rev/9044705960cb30cec385bdca7305bcf7db096721

As this vulnerability has security implications, we have assigned
CVE-2008-1952 to it. Please use it when referring to this issue.

Kind regards
Jan iankko Lieskovsky
RH kernel Security Response Team