1164253 – (CVE-2014-8866, xsa111) CVE-2014-8866 xen: Excessive checking in compatibility mode hypercall argument translation (xsa111)

Bug 1164253 (CVE-2014-8866, xsa111) - CVE-2014-8866 xen: Excessive checking in compatibility mode hypercall argument translation (xsa111)

Summary: CVE-2014-8866 xen: Excessive checking in compatibility mode hypercall argumen...

Keywords:
Status:	CLOSED NOTABUG
Alias:	CVE-2014-8866, xsa111
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1164260
TreeView+	depends on / blocked

Reported:	2014-11-14 13:22 UTC by Petr Matousek
Modified:	2023-05-12 06:06 UTC (History)
CC List:	6 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2014-11-14 13:24:37 UTC
Embargoed:

Attachments	(Terms of Use)

Description Petr Matousek 2014-11-14 13:22:03 UTC

The hypercall argument translation needed for 32-bit guests running on
64-bit hypervisors performs checks on the final register state. These
checks cover all registers potentially holding hypercall arguments,
not just the ones actually doing so for the hypercall being processed,
since the code was originally intended for use only by PV guests.

A buggy or malicious HVM guest can crash the host.

Acknowledgements:

Red Hat would like to thank the Xen for reporting this issue.

Comment 3 Petr Matousek 2014-11-14 13:24:37 UTC

Statement:

Not vulnerable.

This issue did not affect the versions of the kernel-xen package as shipped with Red Hat Enterprise Linux 5.

Note You need to log in before you can comment on or make changes to this bug.