Subject: qemu security issue in xen
To: None <port-xen@netbsd.org>
From: Manuel Bouyer <bouyer@antioche.eu.org>
List: port-xen
Date: 10/08/2007 21:18:26
Hi,
I've already said here that NetBSD/dom0 isn't affected by the pygrub security
issue in Xen (at last if the xen tools have been installed from pkgsrc).
Today I've been aware of 3 new issues, in the qemu part of the
HVM support:
http://secunia.com/advisories/26986/
this affects NetBSD too, if the xentools3*-hvm package is installed.
I just updated the pkg-vulnerabilities file to reflect this.
AFAIK no patches have been released yet.
The issue is that a compromised HVM guest could cause arbitrary code execution
in dom0, as root. 2 of the 3 issues can be worked around by choosing
another emulation than ne2000 for the network interface (by default the
realtek 8139 emulation is used), but I can't see how to workaround
the issue in cirrus_invalidate_region().
--
Manuel Bouyer <bouyer@antioche.eu.org>
NetBSD: 26 ans d'experience feront toujours la difference
--