[Pkg-xen-changes] r1126 - in branches/wheezy/xen/debian: . patches
Bastian Blank
waldi at alioth.debian.org
Tue Dec 4 09:51:37 UTC 2012
Author: waldi
Date: Tue Dec 4 09:51:36 2012
New Revision: 1126
Log:
* debian/changelog: Update.
* debian/patches: Add fix for CVE-2012-5514.
Added:
branches/wheezy/xen/debian/patches/CVE-2012-5514
Modified:
branches/wheezy/xen/debian/changelog
branches/wheezy/xen/debian/patches/series
Modified: branches/wheezy/xen/debian/changelog
==============================================================================
--- branches/wheezy/xen/debian/changelog Mon Dec 3 19:12:59 2012 (r1125)
+++ branches/wheezy/xen/debian/changelog Tue Dec 4 09:51:36 2012 (r1126)
@@ -1,3 +1,10 @@
+xen (4.1.3-6) UNRELEASED; urgency=high
+
+ * Fix error handling in physical to machine memory mapping.
+ CVE-2012-5514
+
+ -- Bastian Blank <waldi at debian.org> Tue, 04 Dec 2012 10:27:57 +0100
+
xen (4.1.3-5) unstable; urgency=high
* Fix state corruption due to incomplete grant table switch.
Added: branches/wheezy/xen/debian/patches/CVE-2012-5514
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ branches/wheezy/xen/debian/patches/CVE-2012-5514 Tue Dec 4 09:51:36 2012 (r1126)
@@ -0,0 +1,39 @@
+Description: xen: fix error handling of guest_physmap_mark_populate_on_demand()
+From: Jan Beulich <jbeulich at suse.com>
+Origin: upstream
+Id: CVE-2012-5514
+---
+--- a/xen/arch/x86/mm/p2m.c Mon Nov 19 09:43:48 2012 +0100
++++ b/xen/arch/x86/mm/p2m.c Thu Nov 22 17:07:37 2012 +0000
+@@ -2412,6 +2412,9 @@ guest_physmap_mark_populate_on_demand(st
+ int pod_count = 0;
+ int rc = 0;
+
++ if ( !IS_PRIV_FOR(current->domain, d) )
++ return -EPERM;
++
+ if ( !paging_mode_translate(d) )
+ return -EINVAL;
+
+@@ -2430,8 +2433,7 @@ guest_physmap_mark_populate_on_demand(st
+ omfn = gfn_to_mfn_query(p2m, gfn + i, &ot);
+ if ( p2m_is_ram(ot) )
+ {
+- printk("%s: gfn_to_mfn returned type %d!\n",
+- __func__, ot);
++ P2M_DEBUG("gfn_to_mfn returned type %d!\n", ot);
+ rc = -EBUSY;
+ goto out;
+ }
+@@ -2453,10 +2455,10 @@ guest_physmap_mark_populate_on_demand(st
+ BUG_ON(p2m->pod.entry_count < 0);
+ }
+
++out:
+ audit_p2m(p2m, 1);
+ p2m_unlock(p2m);
+
+-out:
+ return rc;
+ }
+
Modified: branches/wheezy/xen/debian/patches/series
==============================================================================
--- branches/wheezy/xen/debian/patches/series Mon Dec 3 19:12:59 2012 (r1125)
+++ branches/wheezy/xen/debian/patches/series Tue Dec 4 09:51:36 2012 (r1126)
@@ -20,6 +20,7 @@
CVE-2012-5511
CVE-2012-5512
CVE-2012-5513
+CVE-2012-5514
CVE-2012-5515
xen-x86-interrupt-pointer-missmatch.diff
More information about the Pkg-xen-changes
mailing list