Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Evergreen:Maintenance:114
xen.openSUSE_Evergreen_11.4
CVE-2012-4539-xsa24.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2012-4539-xsa24.patch of Package xen.openSUSE_Evergreen_11.4
References: CVE-2012-4539 XSA-24 bnc#786520 compat/gnttab: Prevent infinite loop in compat code c/s 20281:95ea2052b41b, which introduces Grant Table version 2 hypercalls introduces a vulnerability whereby the compat hypercall handler can fall into an infinite loop. If the watchdog is enabled, Xen will die after the timeout. This is a security problem, XSA-24 / CVE-2012-4539. Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> Acked-by: Jan Beulich <jbeulich@suse.com> Acked-by: Ian Jackson <ian.jackson@eu.citrix.com> --- a/xen/common/compat/grant_table.c +++ b/xen/common/compat/grant_table.c @@ -310,6 +310,8 @@ int compat_grant_table_op(unsigned int c #undef XLAT_gnttab_get_status_frames_HNDL_frame_list if ( unlikely(__copy_to_guest(cmp_uop, &cmp.get_status, 1)) ) rc = -EFAULT; + else + i = 1; } break; }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor