Red Hat Bugzilla – Bug 1062331
CVE-2014-1896 xen: libvchan failure handling malicious ring indexes (xsa-86)
Last modified: 2014-02-09 20:02:16 EST
libvchan (a library for inter-domain communication) does not correctly handle unusual or malicious contents in the xenstore ring. A malicious guest can exploit this to cause a libvchan-using facility to read or write past the end of the ring.
libvchan-using facilities are vulnerable to denial of service and perhaps privilege escalation.
Red Hat would like to thank the Xen project for reporting this issue.
This issue does not affect the versions of the xen package as shipped with Red Hat Enterprise Linux 5 as it does not provide oxenstored.
This issue does not affect Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2.
Created xen tracking bugs for this issue:
Affects: fedora-all [bug 1062335]
This was assigned CVE-2014-1896: http://seclists.org/oss-sec/2014/q1/283
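
Added example, not code from libvchan, the Xen project or this bug report: a C consumer that treats ring indexes held in peer-writable shared memory as untrusted, which is the class of check the description above says was missing. The struct layout, `RING_SIZE` and `ring_read` are hypothetical names chosen for illustration, and the sample state in `main` is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define RING_SIZE 1024u /* constructed value; must be a power of two */

/* Hypothetical layout: the whole struct sits in memory the peer can write. */
struct shared_ring {
    volatile uint32_t prod; /* free-running producer index (peer) */
    volatile uint32_t cons; /* free-running consumer index (local) */
    uint8_t data[RING_SIZE];
};

/* Copy up to `want` bytes into dst; return the count, or -1 if the
 * indexes describe more data than the ring can hold. */
int ring_read(struct shared_ring *r, uint8_t *dst, size_t want)
{
    /* Read each index exactly once: the peer may rewrite it at any time,
     * so a second read could differ from the value that was checked. */
    uint32_t prod = r->prod;
    uint32_t cons = r->cons;
    __atomic_thread_fence(__ATOMIC_ACQUIRE); /* GCC/Clang builtin */

    uint32_t avail = prod - cons; /* unsigned wraparound is intended */
    if (avail > RING_SIZE)
        return -1; /* inconsistent indexes: refuse rather than copy */
    if (want > avail)
        want = avail;

    size_t off = cons & (RING_SIZE - 1); /* masking keeps off in bounds */
    size_t first = RING_SIZE - off;      /* bytes before the wrap point */
    if (first > want)
        first = want;
    memcpy(dst, r->data + off, first);
    memcpy(dst + first, r->data, want - first);
    __atomic_thread_fence(__ATOMIC_RELEASE);
    r->cons = cons + (uint32_t)want;
    return (int)want;
}

int main(void)
{
    static struct shared_ring r; /* constructed sample state */
    uint8_t buf[8];
    r.prod = RING_SIZE + 100u; /* claims 1124 bytes in a 1024-byte ring */
    printf("%d\n", ring_read(&r, buf, sizeof buf));
    return 0;
}
```

The same pattern applies on the write side, where the free space computed from the two indexes must also be bounded by the ring size before any copy.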