qemu security issue in xen

To: port-xen%netbsd.org@localhost
Subject: qemu security issue in xen
From: Manuel Bouyer <bouyer%antioche.eu.org@localhost>
Date: Mon, 8 Oct 2007 21:18:26 +0200

Hi,
I've already said here that NetBSD/dom0 isn't affected by the pygrub security
issue in Xen (at last if the xen tools have been installed from pkgsrc).
Today I've been aware of 3 new issues, in the qemu part of the
HVM support:
http://secunia.com/advisories/26986/
this affects NetBSD too, if the xentools3*-hvm package is installed.
I just updated the pkg-vulnerabilities file to reflect this.
AFAIK no patches have been released yet.

The issue is that a compromised HVM guest could cause arbitrary code execution
in dom0, as root. 2 of the 3 issues can be worked around by choosing
another emulation than ne2000 for the network interface (by default the
realtek 8139 emulation is used), but I can't see how to workaround
the issue in cirrus_invalidate_region().

-- 
Manuel Bouyer <bouyer%antioche.eu.org@localhost>
     NetBSD: 26 ans d'experience feront toujours la difference
--

Follow-Ups:
- Re: qemu security issue in xen
  - From: Christoph Egger

Prev by Date: Re: XEN 3 on NetBSD 4 as Dom0
Next by Date: Re: XEN 3 on NetBSD 4 as Dom0
Previous by Thread: XEN 3 on NetBSD 4 as Dom0
Next by Thread: Re: qemu security issue in xen
Indexes:

Home | Main Index | Thread Index | Old Index