xen: arm: vgic: incorrect rate limiting of guest triggered logging (XSA-118)
ISSUE DESCRIPTION
On ARM systems the code which deals with virtualising the GIC
distributor would, under various circumstances, log messages on a guest
accessible code path without appropriate rate limiting.
IMPACT
A malicious guest could cause repeated logging to the hypervisor
console, leading to a Denial of Service attack.
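The failure mode described above, as an added example (not Xen code and not the XSA-118 patch): a log call on a guest-reachable path, counted with and without a rate limiter. The limiter, the handler, the message text and the burst/interval values are all constructed assumptions.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical limiter: at most `burst` messages per `interval_ms` window. */
struct ratelimit {
    uint64_t window_start_ms;
    unsigned int burst, interval_ms, printed, suppressed;
};

/* Returns 1 if a message may be logged at time now_ms, 0 if it is dropped. */
static int ratelimit_ok(struct ratelimit *rl, uint64_t now_ms)
{
    if (now_ms - rl->window_start_ms >= rl->interval_ms) {
        rl->window_start_ms = now_ms;   /* new window: refill the budget */
        rl->printed = 0;
    }
    if (rl->printed < rl->burst) {
        rl->printed++;
        return 1;
    }
    rl->suppressed++;
    return 0;
}

/* Constructed stand-in for an emulation handler the guest can reach at will:
 * each of the n accesses (gap_ms apart) hits a logging branch. rl == NULL
 * models logging with no limit. Returns the number of console lines. */
static unsigned int emulate_accesses(struct ratelimit *rl, unsigned int n,
                                     unsigned int gap_ms, FILE *console)
{
    unsigned int lines = 0;
    uint64_t now_ms = 0;

    for (unsigned int i = 0; i < n; i++, now_ms += gap_ms) {
        if (rl && !ratelimit_ok(rl, now_ms))
            continue;                   /* dropped, only counted */
        if (console)
            fprintf(console, "guest: unhandled emulated register access\n");
        lines++;
    }
    return lines;
}

int main(void)
{
    struct ratelimit rl = { .burst = 10, .interval_ms = 5000 };
    printf("unlimited: %u lines\n", emulate_accesses(NULL, 100000, 1, NULL));
    printf("limited:   %u lines\n", emulate_accesses(&rl, 100000, 1, NULL));
    printf("dropped:   %u\n", rl.suppressed);
    return 0;
}
```

With the limiter in place the console cost is bounded by burst and interval rather than by how fast the guest can trigger the path, while a guest that hits it only occasionally still has every message logged.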
VULNERABLE SYSTEMS
Xen 4.4 and later systems running on ARM hardware are vulnerable.
x86 systems are not affected.
CREDITS
This issue was discovered by Julien Grall.
RESOLUTION
Applying the appropriate attached patch(es) resolves this issue.
http://seclists.org/oss-sec/2015/q1/att-328/xsa118-4_4.patch Xen 4.4.x
(from redmine: issue id 3894, created on 2015-02-04, closed on 2015-03-16)
- Changesets:
- Revision f1e6cf88 by Natanael Copa on 2015-03-13T14:10:06Z:
main/xen: fix for xsa118
ref #3894
- Revision 14262541 by Natanael Copa on 2015-03-13T14:20:12Z:
main/xen: security fix for xsa118 (CVE-2015-1563)
fixes #3894