[v2.6] xen: Insufficient restrictions on certain MMU update hypercalls (CVE-2014-8594)
MMU update operations targeting page tables are intended to be used on PV guests only. The lack of a respective check made it possible for such operations to access certain function pointers which remain NULL when the target guest is using Hardware Assisted Paging (HAP).
RESOLUTION ==
Applying the appropriate attached patch resolves this issue.
http://seclists.org/oss-sec/2014/q4/att-666/xsa109.patch
xen-unstable, Xen 4.4.x, Xen 4.3.x
http://seclists.org/oss-sec/2014/q4/att-666/xsa109-4_2.patch
Xen 4.2.x
References: ===
http://seclists.org/oss-sec/2014/q4/666
(from redmine: issue id 3705, created on 2015-01-22, closed on 2017-09-05)
- Relations:
- parent #3704