ISSUE DESCRIPTION
=================

When the libxl toolstack launches qemu for HVM guests, it pipes the output of stderr to a file in /var/log/xen. This output is not rate-limited in any way. The guest can easily cause qemu to print messages to stderr, causing this file to become arbitrarily large.

IMPACT
======

The disk containing the logfile can be exhausted, possibly causing a denial-of-service (DoS).

VULNERABLE SYSTEMS
==================

All versions of Xen are affected.

Only x86 systems are affected; ARM systems are not affected.

Only systems running HVM guests are affected; systems running only PV guests are not affected.

Both qemu-upstream and qemu-traditional are affected.

MITIGATION
==========

Running only PV guests will avoid this vulnerability.

References: http://seclists.org/oss-sec/2016/q2/390
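Because the advisory's only listed mitigation is to avoid HVM guests, an operator who cannot do that will want to notice an unbounded qemu log before it fills the disk. The script below is an added example written for this bug, not code from the Xen project or the advisory: it reports qemu log files under the Xen log directory that have grown past a byte threshold, so it can be run from cron and alert on a non-zero result. It assumes the directory is /var/log/xen and that the per-guest logs follow the qemu-dm-*.log naming used by libxl (both treated as assumptions here); adjust them to match the host.

```shell
#!/bin/sh
# Added example, not part of the advisory or the Xen source.
# Reports qemu stderr logs that have grown past a size threshold, so that a
# guest spamming stderr is noticed before the log disk is exhausted.
# Assumptions: logs live in /var/log/xen and are named qemu-dm-*.log.

# Print "<size_bytes> <path>" for every qemu log larger than the threshold.
#   $1 = log directory (default /var/log/xen)
#   $2 = threshold in bytes (default 104857600 = 100 MiB)
oversized_qemu_logs() {
    dir="${1:-/var/log/xen}"
    limit_bytes="${2:-104857600}"
    # -size +Nc matches files strictly larger than N bytes.
    find "$dir" -maxdepth 1 -type f -name 'qemu-dm-*.log' -size +"${limit_bytes}c" \
        -exec sh -c 'for f; do printf "%s %s\n" "$(wc -c < "$f" | tr -d " ")" "$f"; done' sh {} +
}

# Exit status 0 when at least one log exceeds the threshold, 1 otherwise.
# Suitable as the condition for a cron job or monitoring check.
qemu_logs_need_attention() {
    [ -n "$(oversized_qemu_logs "$1" "$2")" ]
}

# Demo on a constructed directory (run with --demo); touches nothing under /var/log/xen.
if [ "${1:-}" = "--demo" ]; then
    tmp=$(mktemp -d)
    # 64 KiB of constructed "stderr spam" in one log, a tiny entry in another.
    dd if=/dev/zero bs=1024 count=64 of="$tmp/qemu-dm-guest1.log" 2>/dev/null
    printf 'ok\n' > "$tmp/qemu-dm-guest2.log"
    oversized_qemu_logs "$tmp" 32768   # lists only qemu-dm-guest1.log
    rm -rf "$tmp"
fi
```

The threshold is deliberately a plain byte count so it can be tuned per host; a check like this only detects the growth, it does not stop qemu from writing, so pair it with enough headroom on the log filesystem to react.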
Created xen tracking bugs for this issue: Affects: fedora-all [bug 1339125]
Created qemu tracking bugs for this issue: Affects: fedora-all [bug 1339124]
xen-4.6.1-10.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.
xen-4.5.3-6.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.
xen-4.5.3-6.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.