Bug 1148422 - CVE-2014-7188 - Improper MSR range used for x2APIC emulation
Summary: CVE-2014-7188 - Improper MSR range used for x2APIC emulation
Keywords:
Status: CLOSED DUPLICATE of bug 1148465
Alias: None
Product: Fedora
Classification: Fedora
Component: xen
Version: 20
Hardware: Unspecified
OS: Unspecified
unspecified
urgent
Target Milestone: ---
Assignee: Michael Young
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-10-01 12:34 UTC by Major Hayden 🤠
Modified: 2014-10-01 17:32 UTC (History)
4 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2014-10-01 17:32:13 UTC
Type: Bug
Embargoed:


Attachments (Terms of Use)
XSA-108 patch from Xen community (1.39 KB, text/plain)
2014-10-01 12:34 UTC, Major Hayden 🤠
no flags Details

Description Major Hayden 🤠 2014-10-01 12:34:30 UTC
Created attachment 943043 [details]
XSA-108 patch from Xen community

The Xen community has released details on XSA-108 / CVE-2014-7188 here:

  http://xenbits.xen.org/xsa/advisory-108.html
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7188

It affects Xen 4.1+, so that's Fedora 19 through rawhide if I remember correctly.  The patch is available here:

  http://xenbits.xen.org/xsa/xsa108.patch

The bug allows an HVM guest (including PVHVM) to read ~ 3KB worth of memory from the hypervisor or other guests.

Comment 1 Michael Young 2014-10-01 17:32:13 UTC
#1148465 is tracking bug for this.

*** This bug has been marked as a duplicate of bug 1148465 ***


Note You need to log in before you can comment on or make changes to this bug.