'Re: [oss-security] CVE request: xen: x86-64: don't crash Xen upon'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE request: xen: x86-64: don't crash Xen upon
From:       Josh Bressers <bressers () redhat ! com>
Date:       2010-11-30 15:42:37
Message-ID: 1561504.844751291131757945.JavaMail.root () zmail01 ! collab ! prod ! int ! phx2 ! redhat ! com
[Download RAW message or body]

Please use CVE-2010-4255 for this.

Thanks.

-- 
    JB


----- "Eugene Teo" <eugene@redhat.com> wrote:

> handle_gdt_ldt_mapping_fault() is intended to deal with indirect 
> accesses (i.e. those caused by descriptor loads) to the GDT/LDT
> mapping 
> area only. While for 32-bit segment limits indeed prevent the function
> 
> being entered for direct accesses (i.e. a #GP fault will be raised
> even 
> before the address translation gets done, on 64-bit even user mode 
> accesses would lead to control reaching the BUG_ON() at the beginning
> of 
> that function.
> 
> http://lists.xensource.com/archives/html/xen-devel/2010-11/msg01650.html
> https://bugzilla.redhat.com/show_bug.cgi?id=658155
> 
> Thanks, Eugene
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic