Mailing List Archive

Xen Security Advisory 332 v3 - Rogue guests can cause DoS of Dom0 via high frequency events
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Xen Security Advisory XSA-332
version 3

Rogue guests can cause DoS of Dom0 via high frequency events

UPDATES IN VERSION 3
====================

Public release.

ISSUE DESCRIPTION
=================

The handling of Xen events in the Linux kernel runs with interrupts
disabled in a loop until no further event is pending.

Whenever an event has been accepted by the kernel, another event can
come in via the same event channel. This can result in the event
handling loop running for an extended time if new events are coming in
at a high rate. In extreme cases this can lead to a complete hang of
the kernel, resulting in a DoS situation of the host when dom0 is
affected.

IMPACT
======

Malicious guests can hang the host by sending events to dom0 at a high
frequency.

VULNERABLE SYSTEMS
==================

All systems with a Linux dom0 are affected.

All Linux kernel versions are affected.

MITIGATION
==========

There is no known mitigation.

CREDITS
=======

This issue was discovered by Julien Grall from Arm

RESOLUTION
==========

Applying the appropriate attached patches resolves this issue.

Note that patches for released versions are generally prepared to
apply to the stable branches, and may not apply cleanly to the most
recent release tarball. Downstreams are encouraged to update to the
tip of the stable branch before applying these patches.

xsa332-linux-??.patch Linux

$ sha256sum xsa332*
92d0789e8e5b9ec7ae0cd8b01ef31e27930dbe9b81b727521d46328107f3c719 xsa332-linux-01.patch
0bd82febcaf7fc72b88082f46cae9b67f39786d03b3e6aae5f0789cf855e6143 xsa332-linux-02.patch
e646b7caf11ded7f22b209635b209f50ac583cbaeb3270148ce66a3cd922f0c1 xsa332-linux-03.patch
9bed2213774a8107a2f2c157aeb0ebfda7cc6384cee0a245017b3a9eb28cff7f xsa332-linux-04.patch
8839af506b71946db35f223ff614aa92b4386aaf95e4d8b1408fbf31436ff80f xsa332-linux-05.patch
b261706bd7f7120fadff0e928be366924cfc13418c81a67ad45724b4179e8a5c xsa332-linux-06.patch
fc0c963a9a965fc7a72468b1a1ce0834dc866e77392ca0c1d9c8162457a526a0 xsa332-linux-07.patch
5d821c58dd7fcdb157c2844ba34675305c320de25f54409305ffcba610d5922b xsa332-linux-08.patch
242eb83eca8e3b6d2d303e2943aa041b5f19ea54242cd0de20252d2ae3d128d1 xsa332-linux-09.patch
70a042006d1df3dbbefc4c7d4dfd50da8f3a8e47ee77c2d6d0ba1eda405ae574 xsa332-linux-10.patch
ebbfa66d11b8c81353b72ed5f381672e6784a67895df482f7e791a9fb4c6fbf0 xsa332-linux-11.patch
cda1cbcca19860d43804e80ec2d7d13b295a140b42aa7d16118bb2d20bd63cae xsa332-linux-12.patch
$

DEPLOYMENT DURING EMBARGO
=========================

Deployment of the patches and/or mitigations described above (or
others which are substantially similar) is permitted during the
embargo, even on public-facing systems with untrusted guest users and
administrators.

But: Distribution of updated software is prohibited (except to other
members of the predisclosure list).

Predisclosure list members who wish to deploy significantly different
patches and/or mitigations, please contact the Xen Project Security
Team.


(Note: this during-embargo deployment notice is retained in
post-embargo publicly released Xen Project advisories, even though it
is then no longer applicable. This is to enable the community to have
oversight of the Xen Project Security Team's decisionmaking.)

For more information about permissible uses of embargoed information,
consult the Xen Project community's agreed Security Policy:
http://www.xenproject.org/security-policy.html
-----BEGIN PGP SIGNATURE-----

iQFABAEBCAAqFiEEI+MiLBRfRHX6gGCng/4UyVfoK9kFAl+OzqQMHHBncEB4ZW4u
b3JnAAoJEIP+FMlX6CvZ3MIIAJR5SsBiZM7dhNHSJWMv1OXZK9MBpIxUgJuLY6da
dlpsb6c5eb7ppAfHzkg+JABzc1hIKQkzKBL9n/tvP57KAWqnCbrPfk3/pVrvAf9E
Vubra4+Ec8hY+8JqJsxHS6ZPyLzViFaE505pBEHlFOGZYkSgqM/s96SgoZtgMSpx
pUpFGJCAUPZ7uR+urznM4QrWvvytsRbZo3fUrqn0f9WgMXFge0U9vE7Clt1yzZns
J5nmYq2gBJkrMINreth8T7oDCx7l+I+Cq4yJ0hreUWCxp6svl7kbjI55sdlrI99O
J7rXH6uaGEHSFfy/Zx4aek3eB5LP6Asgp2pQZkXOcSg8RLE=
=q2XX
-----END PGP SIGNATURE-----