Bug 425381 (CVE-2007-6416)
| Summary: | CVE-2007-6416 [RHEL 5.2] [XEN/IA64] Security: vulnerability of copy_to_user in PAL emulation | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Jarod Wilson <jarod> | ||||
| Component: | vulnerability | Assignee: | Jarod Wilson <jarod> | ||||
| Status: | CLOSED ERRATA | QA Contact: | Martin Jenner <mjenner> | ||||
| Severity: | high | Docs Contact: | |||||
| Priority: | urgent | ||||||
| Version: | unspecified | CC: | kreilly, xen-maint | ||||
| Target Milestone: | --- | Keywords: | Security | ||||
| Target Release: | --- | ||||||
| Hardware: | ia64 | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2008-07-25 08:56:10 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Bug Depends On: | 425938, 425939 | ||||||
| Bug Blocks: | |||||||
| Attachments: |
|
||||||
" A security vulnerability was found in Xen's PAL emulation for ia64 machines. Such an HVM guest could access arbitrary physical memory on the host. This could make sensitive information available to unauthorized users. (CVE-2007-6416, Important). " This issue was addressed in: Red Hat Enterprise Linux: http://rhn.redhat.com/errata/RHSA-2008-0089.html |
Created attachment 289892 [details] Back-port of copy_to_user fix for RHEL5