[gentoo-announce] [ GLSA 201309-24 ] Xen: Multiple vulnerabilities - gentoo-announce

From:	Chris Reffett <creffett@g.o>
To:	gentoo-announce@g.o
Subject:	[gentoo-announce] [ GLSA 201309-24 ] Xen: Multiple vulnerabilities
Date:	Fri, 27 Sep 2013 20:45:34
Message-Id:	`5245ED39.6070008@gentoo.org`

1

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

2

Gentoo Linux Security Advisory                           GLSA 201309-24

3

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

4

                                            http://security.gentoo.org/

5

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

6

7

 Severity: High

8

    Title: Xen: Multiple vulnerabilities

9

     Date: September 27, 2013

10

     Bugs: #385319, #386371, #420875, #431156, #454314, #464724,

11

           #472214, #482860

12

       ID: 201309-24

13

14

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

15

16

Synopsis

17

========

18

19

Multiple vulnerabilities have been found in Xen, allowing attackers on

20

a Xen Virtual Machine to execute arbitrary code, cause Denial of

21

Service, or gain access to data on the host.

22

23

Background

24

==========

25

26

Xen is a bare-metal hypervisor.

27

28

Affected packages

29

=================

30

31

    -------------------------------------------------------------------

32

     Package              /     Vulnerable     /            Unaffected

33

    -------------------------------------------------------------------

34

  1  app-emulation/xen           < 4.2.2-r1               >= 4.2.2-r1

35

  2  app-emulation/xen-tools     < 4.2.2-r3               >= 4.2.2-r3

36

  3  app-emulation/xen-pvgrub

37

                                 < 4.2.2-r1               >= 4.2.2-r1

38

    -------------------------------------------------------------------

39

     3 affected packages

40

41

Description

42

===========

43

44

Multiple vulnerabilities have been discovered in Xen. Please review the

45

CVE identifiers referenced below for details.

46

47

Impact

48

======

49

50

Guest domains could possibly gain privileges, execute arbitrary code,

51

or cause a Denial of Service on the host domain (Dom0). Additionally,

52

guest domains could gain information about other virtual machines

53

running on the same host or read arbitrary files on the host.

54

55

Workaround

56

==========

57

58

The CVEs listed below do not currently have fixes, but only apply to

59

Xen setups which have "tmem" specified on the hypervisor command line.

60

TMEM is not currently supported for use in production systems, and

61

administrators using tmem should disable it.

62

Relevant CVEs:

63

* CVE-2012-2497

64

* CVE-2012-6030

65

* CVE-2012-6031

66

* CVE-2012-6032

67

* CVE-2012-6033

68

* CVE-2012-6034

69

* CVE-2012-6035

70

* CVE-2012-6036

71

72

Resolution

73

==========

74

75

All Xen users should upgrade to the latest version:

76

77

  # emerge --sync

78

  # emerge --ask --oneshot --verbose ">=app-emulation/xen-4.2.2-r1"

79

80

All Xen-tools users should upgrade to the latest version:

81

82

  # emerge --sync

83

  # emerge --ask --oneshot -v ">=app-emulation/xen-tools-4.2.2-r3"

84

85

All Xen-pvgrub users should upgrade to the latest version:

86

87

  # emerge --sync

88

  # emerge --ask --oneshot -v ">=app-emulation/xen-pvgrub-4.2.2-r1"

89

90

References

91

==========

92

93

[  1 ] CVE-2011-2901

94

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2901

95

[  2 ] CVE-2011-3262

96

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3262

97

[  3 ] CVE-2011-3262

98

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3262

99

[  4 ] CVE-2012-0217

100

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0217

101

[  5 ] CVE-2012-0218

102

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0218

103

[  6 ] CVE-2012-2934

104

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2934

105

[  7 ] CVE-2012-3432

106

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3432

107

[  8 ] CVE-2012-3433

108

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3433

109

[  9 ] CVE-2012-3494

110

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3494

111

[ 10 ] CVE-2012-3495

112

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3495

113

[ 11 ] CVE-2012-3496

114

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3496

115

[ 12 ] CVE-2012-3497

116

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3497

117

[ 13 ] CVE-2012-3498

118

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3498

119

[ 14 ] CVE-2012-3515

120

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3515

121

[ 15 ] CVE-2012-4411

122

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4411

123

[ 16 ] CVE-2012-4535

124

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4535

125

[ 17 ] CVE-2012-4536

126

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4536

127

[ 18 ] CVE-2012-4537

128

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4537

129

[ 19 ] CVE-2012-4538

130

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4538

131

[ 20 ] CVE-2012-4539

132

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4539

133

[ 21 ] CVE-2012-5510

134

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5510

135

[ 22 ] CVE-2012-5511

136

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5511

137

[ 23 ] CVE-2012-5512

138

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5512

139

[ 24 ] CVE-2012-5513

140

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5513

141

[ 25 ] CVE-2012-5514

142

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5514

143

[ 26 ] CVE-2012-5515

144

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5515

145

[ 27 ] CVE-2012-5525

146

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5525

147

[ 28 ] CVE-2012-5634

148

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5634

149

[ 29 ] CVE-2012-6030

150

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6030

151

[ 30 ] CVE-2012-6031

152

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6031

153

[ 31 ] CVE-2012-6032

154

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6032

155

[ 32 ] CVE-2012-6033

156

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6033

157

[ 33 ] CVE-2012-6034

158

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6034

159

[ 34 ] CVE-2012-6035

160

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6035

161

[ 35 ] CVE-2012-6036

162

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6036

163

[ 36 ] CVE-2012-6075

164

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6075

165

[ 37 ] CVE-2012-6333

166

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6333

167

[ 38 ] CVE-2013-0151

168

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0151

169

[ 39 ] CVE-2013-0152

170

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0152

171

[ 40 ] CVE-2013-0153

172

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0153

173

[ 41 ] CVE-2013-0154

174

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0154

175

[ 42 ] CVE-2013-0215

176

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0215

177

[ 43 ] CVE-2013-1432

178

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1432

179

[ 44 ] CVE-2013-1917

180

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1917

181

[ 45 ] CVE-2013-1918

182

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1918

183

[ 46 ] CVE-2013-1919

184

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1919

185

[ 47 ] CVE-2013-1920

186

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1920

187

[ 48 ] CVE-2013-1922

188

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1922

189

[ 49 ] CVE-2013-1952

190

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1952

191

[ 50 ] CVE-2013-1964

192

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1964

193

[ 51 ] CVE-2013-2076

194

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2076

195

[ 52 ] CVE-2013-2077

196

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2077

197

[ 53 ] CVE-2013-2078

198

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2078

199

[ 54 ] CVE-2013-2194

200

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2194

201

[ 55 ] CVE-2013-2195

202

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2195

203

[ 56 ] CVE-2013-2196

204

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2196

205

[ 57 ] CVE-2013-2211

206

       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2211

207

[ 58 ] Xen TMEM

208

       http://lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html

209

210

Availability

211

============

212

213

This GLSA and any updates to it are available for viewing at

214

the Gentoo Security Website:

215

216

 http://security.gentoo.org/glsa/glsa-201309-24.xml

217

218

Concerns?

219

=========

220

221

Security is a primary focus of Gentoo Linux and ensuring the

222

confidentiality and security of our users' machines is of utmost

223

importance to us. Any security concerns should be addressed to

224

security@g.o or alternatively, you may file a bug at

225

https://bugs.gentoo.org.

226

227

License

228

=======

229

230

Copyright 2013 Gentoo Foundation, Inc; referenced text

231

belongs to its owner(s).

232

233

The contents of this document are licensed under the

234

Creative Commons - Attribution / Share Alike license.

235

236

http://creativecommons.org/licenses/by-sa/2.5

Gentoo Archives: gentoo-announce

Attachments

1	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2	Gentoo Linux Security Advisory GLSA 201309-24
3	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4	http://security.gentoo.org/
5	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6
7	Severity: High
8	Title: Xen: Multiple vulnerabilities
9	Date: September 27, 2013
10	Bugs: #385319, #386371, #420875, #431156, #454314, #464724,
11	#472214, #482860
12	ID: 201309-24
13
14	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
15
16	Synopsis
17	========
18
19	Multiple vulnerabilities have been found in Xen, allowing attackers on
20	a Xen Virtual Machine to execute arbitrary code, cause Denial of
21	Service, or gain access to data on the host.
22
23	Background
24	==========
25
26	Xen is a bare-metal hypervisor.
27
28	Affected packages
29	=================
30
31	-------------------------------------------------------------------
32	Package / Vulnerable / Unaffected
33	-------------------------------------------------------------------
34	1 app-emulation/xen < 4.2.2-r1 >= 4.2.2-r1
35	2 app-emulation/xen-tools < 4.2.2-r3 >= 4.2.2-r3
36	3 app-emulation/xen-pvgrub
37	< 4.2.2-r1 >= 4.2.2-r1
38	-------------------------------------------------------------------
39	3 affected packages
40
41	Description
42	===========
43
44	Multiple vulnerabilities have been discovered in Xen. Please review the
45	CVE identifiers referenced below for details.
46
47	Impact
48	======
49
50	Guest domains could possibly gain privileges, execute arbitrary code,
51	or cause a Denial of Service on the host domain (Dom0). Additionally,
52	guest domains could gain information about other virtual machines
53	running on the same host or read arbitrary files on the host.
54
55	Workaround
56	==========
57
58	The CVEs listed below do not currently have fixes, but only apply to
59	Xen setups which have "tmem" specified on the hypervisor command line.
60	TMEM is not currently supported for use in production systems, and
61	administrators using tmem should disable it.
62	Relevant CVEs:
63	* CVE-2012-2497
64	* CVE-2012-6030
65	* CVE-2012-6031
66	* CVE-2012-6032
67	* CVE-2012-6033
68	* CVE-2012-6034
69	* CVE-2012-6035
70	* CVE-2012-6036
71
72	Resolution
73	==========
74
75	All Xen users should upgrade to the latest version:
76
77	# emerge --sync
78	# emerge --ask --oneshot --verbose ">=app-emulation/xen-4.2.2-r1"
79
80	All Xen-tools users should upgrade to the latest version:
81
82	# emerge --sync
83	# emerge --ask --oneshot -v ">=app-emulation/xen-tools-4.2.2-r3"
84
85	All Xen-pvgrub users should upgrade to the latest version:
86
87	# emerge --sync
88	# emerge --ask --oneshot -v ">=app-emulation/xen-pvgrub-4.2.2-r1"
89
90	References
91	==========
92
93	[ 1 ] CVE-2011-2901
94	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2901
95	[ 2 ] CVE-2011-3262
96	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3262
97	[ 3 ] CVE-2011-3262
98	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3262
99	[ 4 ] CVE-2012-0217
100	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0217
101	[ 5 ] CVE-2012-0218
102	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0218
103	[ 6 ] CVE-2012-2934
104	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2934
105	[ 7 ] CVE-2012-3432
106	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3432
107	[ 8 ] CVE-2012-3433
108	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3433
109	[ 9 ] CVE-2012-3494
110	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3494
111	[ 10 ] CVE-2012-3495
112	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3495
113	[ 11 ] CVE-2012-3496
114	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3496
115	[ 12 ] CVE-2012-3497
116	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3497
117	[ 13 ] CVE-2012-3498
118	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3498
119	[ 14 ] CVE-2012-3515
120	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3515
121	[ 15 ] CVE-2012-4411
122	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4411
123	[ 16 ] CVE-2012-4535
124	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4535
125	[ 17 ] CVE-2012-4536
126	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4536
127	[ 18 ] CVE-2012-4537
128	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4537
129	[ 19 ] CVE-2012-4538
130	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4538
131	[ 20 ] CVE-2012-4539
132	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4539
133	[ 21 ] CVE-2012-5510
134	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5510
135	[ 22 ] CVE-2012-5511
136	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5511
137	[ 23 ] CVE-2012-5512
138	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5512
139	[ 24 ] CVE-2012-5513
140	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5513
141	[ 25 ] CVE-2012-5514
142	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5514
143	[ 26 ] CVE-2012-5515
144	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5515
145	[ 27 ] CVE-2012-5525
146	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5525
147	[ 28 ] CVE-2012-5634
148	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5634
149	[ 29 ] CVE-2012-6030
150	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6030
151	[ 30 ] CVE-2012-6031
152	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6031
153	[ 31 ] CVE-2012-6032
154	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6032
155	[ 32 ] CVE-2012-6033
156	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6033
157	[ 33 ] CVE-2012-6034
158	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6034
159	[ 34 ] CVE-2012-6035
160	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6035
161	[ 35 ] CVE-2012-6036
162	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6036
163	[ 36 ] CVE-2012-6075
164	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6075
165	[ 37 ] CVE-2012-6333
166	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6333
167	[ 38 ] CVE-2013-0151
168	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0151
169	[ 39 ] CVE-2013-0152
170	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0152
171	[ 40 ] CVE-2013-0153
172	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0153
173	[ 41 ] CVE-2013-0154
174	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0154
175	[ 42 ] CVE-2013-0215
176	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0215
177	[ 43 ] CVE-2013-1432
178	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1432
179	[ 44 ] CVE-2013-1917
180	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1917
181	[ 45 ] CVE-2013-1918
182	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1918
183	[ 46 ] CVE-2013-1919
184	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1919
185	[ 47 ] CVE-2013-1920
186	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1920
187	[ 48 ] CVE-2013-1922
188	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1922
189	[ 49 ] CVE-2013-1952
190	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1952
191	[ 50 ] CVE-2013-1964
192	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1964
193	[ 51 ] CVE-2013-2076
194	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2076
195	[ 52 ] CVE-2013-2077
196	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2077
197	[ 53 ] CVE-2013-2078
198	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2078
199	[ 54 ] CVE-2013-2194
200	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2194
201	[ 55 ] CVE-2013-2195
202	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2195
203	[ 56 ] CVE-2013-2196
204	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2196
205	[ 57 ] CVE-2013-2211
206	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2211
207	[ 58 ] Xen TMEM
208	http://lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html
209
210	Availability
211	============
212
213	This GLSA and any updates to it are available for viewing at
214	the Gentoo Security Website:
215
216	http://security.gentoo.org/glsa/glsa-201309-24.xml
217
218	Concerns?
219	=========
220
221	Security is a primary focus of Gentoo Linux and ensuring the
222	confidentiality and security of our users' machines is of utmost
223	importance to us. Any security concerns should be addressed to
224	security@g.o or alternatively, you may file a bug at
225	https://bugs.gentoo.org.
226
227	License
228	=======
229
230	Copyright 2013 Gentoo Foundation, Inc; referenced text
231	belongs to its owner(s).
232
233	The contents of this document are licensed under the
234	Creative Commons - Attribution / Share Alike license.
235
236	http://creativecommons.org/licenses/by-sa/2.5