Overview

File 5535f633-dont-leak-hypervisor-stack-to-toolstacks.patch of Package xen.openSUSE_13.1_Update

Subject: domctl/sysctl: don't leak hypervisor stack to toolstacks
From: Andrew Cooper andrew.cooper3@citrix.com Tue Apr 21 09:25:03 2015 +0200
Date: Tue Apr 21 09:25:03 2015 +0200:
Git: 58db71c5cdd48126b9380c230dc5b61554bad7d8

This is CVE-2015-3340 / XSA-132.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
master commit: 4ff3449f0e9d175ceb9551d3f2aecb59273f639d
master date: 2015-04-21 09:03:15 +0200

Index: xen-4.3.4-testing/xen/arch/x86/domctl.c
===================================================================
--- xen-4.3.4-testing.orig/xen/arch/x86/domctl.c
+++ xen-4.3.4-testing/xen/arch/x86/domctl.c
@@ -939,7 +939,7 @@ long arch_do_domctl(
 
     case XEN_DOMCTL_gettscinfo:
     {
-        xen_guest_tsc_info_t info;
+        xen_guest_tsc_info_t info = { 0 };
 
         domain_pause(d);
         tsc_get_info(d, &info.tsc_mode,
Index: xen-4.3.4-testing/xen/common/sysctl.c
===================================================================
--- xen-4.3.4-testing.orig/xen/common/sysctl.c
+++ xen-4.3.4-testing/xen/common/sysctl.c
@@ -76,7 +76,7 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe
     case XEN_SYSCTL_getdomaininfolist:
     { 
         struct domain *d;
-        struct xen_domctl_getdomaininfo info;
+        struct xen_domctl_getdomaininfo info = { 0 };
         u32 num_domains = 0;
 
         rcu_read_lock(&domlist_read_lock);
openSUSE Build Service is sponsored by
Places