Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Evergreen:Maintenance:114
xen.openSUSE_Evergreen_11.4
CVE-2012-4538-xsa23.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2012-4538-xsa23.patch of Package xen.openSUSE_Evergreen_11.4
References: CVE-2012-4538 XSA-23 bnc#786519 xen/mm/shadow: check toplevel pagetables are present before unhooking them. If the guest has not fully populated its top-level PAE entries when it calls HVMOP_pagetable_dying, the shadow code could try to unhook entries from MFN 0. Add a check to avoid that case. This issue was introduced by c/s 21239:b9d2db109cf5. This is a security problem, XSA-23 / CVE-2012-4538. Signed-off-by: Tim Deegan <tim@xen.org> Tested-by: Andrew Cooper <andrew.cooper3@citrix.com> Acked-by: Ian Campbell <ian.campbell@citrix.com> --- a/xen/arch/x86/mm/shadow/multi.c +++ b/xen/arch/x86/mm/shadow/multi.c @@ -4737,8 +4737,12 @@ static void sh_pagetable_dying(struct vc } for ( i = 0; i < 4; i++ ) { - if ( fast_path ) - smfn = _mfn(pagetable_get_pfn(v->arch.shadow_table[i])); + if ( fast_path ) { + if ( pagetable_is_null(v->arch.shadow_table[i]) ) + smfn = _mfn(INVALID_MFN); + else + smfn = _mfn(pagetable_get_pfn(v->arch.shadow_table[i])); + } else { /* retrieving the l2s */
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor