Bug 1610543 (CVE-2018-15469) - CVE-2018-15469 xen: Use of v2 grant tables may cause crash on ARM (XSA-268)
Summary: CVE-2018-15469 xen: Use of v2 grant tables may cause crash on ARM (XSA-268)
Keywords:
Status: CLOSED NOTABUG
Alias: CVE-2018-15469
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1616081
Blocks: 1610544
TreeView+ depends on / blocked
 
Reported: 2018-07-31 21:33 UTC by Laura Pardo
Modified: 2019-09-29 14:46 UTC (History)
13 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-10-09 11:53:26 UTC
Embargoed:


Attachments (Terms of Use)

Description Laura Pardo 2018-07-31 21:33:38 UTC
A flaw was found in xen. ARM never properly implemented grant table v2, either in the hypervisor or in Linux. Unfortunately, an ARM guest can still request v2 grant tables;  they will simply not be properly set up, resulting in subsequent grant-related hypercalls hitting BUG() checks. An unprivileged guest can cause a BUG() check in the hypervisor, resulting in a denial-of-service.

Comment 1 Laura Pardo 2018-08-14 21:55:19 UTC
Created xen tracking bugs for this issue:

Affects: fedora-all [bug 1616081]


Note You need to log in before you can comment on or make changes to this bug.