1090424 – (CVE-2014-2915) CVE-2014-2915 xen: Hardware features unintentionally exposed to guests on ARM

Bug 1090424 (CVE-2014-2915) - CVE-2014-2915 xen: Hardware features unintentionally exposed to guests on ARM

Summary: CVE-2014-2915 xen: Hardware features unintentionally exposed to guests on ARM

Keywords:
Status:	CLOSED NOTABUG
Alias:	CVE-2014-2915
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1090426
Blocks:	1088255
TreeView+	depends on / blocked

Reported:	2014-04-23 09:58 UTC by Petr Matousek
Modified:	2021-02-17 06:37 UTC (History)
CC List:	18 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2014-04-23 10:01:15 UTC
Embargoed:

Attachments	(Terms of Use)

Description Petr Matousek 2014-04-23 09:58:44 UTC

When running on an ARM platform Xen was not correctly configuring the
hardware virtualisation platform and therefore did not prevent guests
from accessing various hardware features including cache control,
coprocessors, debug registers and various processor specific
registers.

By accessing these hardware facilities a malicious or buggy guest may
be able to cause various issues, including crashing the host, crashing
other guests (including control domains) and data corruption.

Privilege escalation is not thought to be possible but has not been
ruled out.

References:
http://www.openwall.com/lists/oss-security/2014/04/22/9

Comment 1 Petr Matousek 2014-04-23 10:00:18 UTC

Created xen tracking bugs for this issue:

Affects: fedora-all [bug 1090426]

Comment 2 Petr Matousek 2014-04-23 10:01:15 UTC

Statement:

Not vulnerable.

This issue did not affect the versions of the kernel-xen package as shipped with Red Hat Enterprise Linux 5.

Note You need to log in before you can comment on or make changes to this bug.