Port-xen archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
qemu security issue in xen
Hi,
I've already said here that NetBSD/dom0 isn't affected by the pygrub security
issue in Xen (at last if the xen tools have been installed from pkgsrc).
Today I've been aware of 3 new issues, in the qemu part of the
HVM support:
http://secunia.com/advisories/26986/
this affects NetBSD too, if the xentools3*-hvm package is installed.
I just updated the pkg-vulnerabilities file to reflect this.
AFAIK no patches have been released yet.
The issue is that a compromised HVM guest could cause arbitrary code execution
in dom0, as root. 2 of the 3 issues can be worked around by choosing
another emulation than ne2000 for the network interface (by default the
realtek 8139 emulation is used), but I can't see how to workaround
the issue in cirrus_invalidate_region().
--
Manuel Bouyer <bouyer%antioche.eu.org@localhost>
NetBSD: 26 ans d'experience feront toujours la difference
--
Home |
Main Index |
Thread Index |
Old Index