'[oss-security] CVE-2010-3699 xen: guest->host denial of service from invalid xenbus'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] CVE-2010-3699 xen: guest->host denial of service from invalid xenbus
From:       Eugene Teo <eugene () redhat ! com>
Date:       2010-11-25 5:40:46
Message-ID: 4CEDF6DE.4080607 () redhat ! com
[Download RAW message or body]

A guest can cause the backend driver to leak a kernel thread. Such 
leaked threads hold references to the device, which makes the device 
impossible to tear down. If shut down, the guest remains a zombie 
domain, the xenwatch process hangs, and most xm commands will stop working.

Upstream commit:
http://xenbits.xen.org/linux-2.6.18-xen.hg?rev/59f097ef181b

Reference:
https://bugzilla.redhat.com/show_bug.cgi?id=636411

Thanks, Eugene
[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic