Multiple Xen vulnerabilities (XSA-*)

Description:

Multiple security issues have been discovered recently in the Xen virtualisation solution which may result in denial of service (Crash the host, ...), information disclosure or privilege escalation.All the details are available in the Xen Security Announcement (XSA) below

Xen Security Announcement (XSA)

 Vulnerable Systems

Advisory CVE

Vulnerable systems

See details in  http://xenbits.xen.org/xsa/ See details for each XSA in the official website http://xenbits.xen.org/xsa/

Xen versions 3.3 and onwards are vulnerable due to supporting PCI
pass-through.

 

__________________________________________

XSA-133

CVE-2015-3456

All Xen systems running x86 HVM guests without stubdomains are
vulnerable to this depending on the specific guest configuration. The
default configuration is vulnerable.

Guests using either the traditional "qemu-xen" or upstream qemu device
models are vulnerable.

Guests using a qemu-dm stubdomain to run the device model are only
vulnerable to takeover of that service domain.

Systems running only x86 PV guests are not vulnerable.

 

VENOM, CVE-2015-3456, is a security vulnerability in the virtual floppy drive code used by many computer virtualization platforms. This vulnerability may allow an attacker to escape from the confines of an affected virtual machine (VM) guest and potentially obtain code-execution access to the host. Absent mitigation, this VM escape could open access to the host system and all other VMs running on that host, potentially giving adversaries significant elevated access to the host’s local network and adjacent systems.

Additional details: http://venom.crowdstrike.com/

 

To resolve this issue, you can follow the instructions described in the “Resolution section of the official website http://xenbits.xen.org/xsa/advisory-133.html and apply the necessary patches. See details in this article https://kb.iweb.com/entries/93914518--Security-vulnerability-VENOM-CVE-2015-3456-QEMU-XEN-KVM-?locale=1

__________________________________________

Other announcements

 

Visit http://xenbits.xen.org/xsa/

__________________________________________

XSA-124 none (yet) assigned

See the section "VULNERABLE SYSTEMS" of http://xenbits.xen.org/xsa/advisory-124.html

__________________________________________

XSA-123  CVE-2015-2151

Xen 3.2.x and later are vulnerable.

Xen 3.1.x and earlier have not been inspected.

Only x86 systems are vulnerable. ARM systems are not vulnerable.

__________________________________________

XSA-122

CVE-2015-2045

Xen 3.2.x and later are vulnerable.

Xen 3.1.x and earlier have not been inspected.

__________________________________________

XSA-121

CVE-2015-2044

Xen 3.2.x and later are vulnerable.

Xen 3.1.x and earlier have not been inspected. 

Only HVM guests can take advantage of this vulnerability. 

Only x86 systems are vulnerable.  ARM systems are not vulnerable.

__________________________________________

XSA-120  CVE-2015-2150

 Xen versions 3.3 and onwards are vulnerable due to supporting PCI pass-through.

Upstream Linux versions 3.1 and onwards are vulnerable due to supporting PCI backend functionality.

Other Linux versions as well as other OS versions may be vulnerable too.

Any domain which is given access to a non-SR-IOV virtual function PCI Express device can take advantage of this vulnerability.

__________________________________________

XSA-119 CVE-2015-2152

See details here: http://xenbits.xen.org/xsa/advisory-119.html

...  

Visit http://xenbits.xen.org/xsa/

__________________________________________

XSA-110

CVE-2014-8595

Xen 3.2.1 and onward are vulnerable on x86 systems..

ARM systems are not vulnerable.

__________________________________________

XSA-109

CVE-2014-8594

Xen 4.0 and onward are vulnerable.

Only x86 systems are vulnerable. 

ARM systems are not vulnerable.

__________________________________________

XSA-108

CVE-2014-7188

Xen 4.1 and onward are vulnerable. Only x86 systems are vulnerable. ARM systems are not vulnerable.

__________________________________________

XSA-107

CVE-2014-6268

Xen 4.4 and onward are vulnerable.

__________________________________________

XSA-106

CVE-2014-7156

Xen versions from 3.3 onwards are vulnerable.

Only user processes in HVM guests can take advantage of this vulnerability.

__________________________________________

XSA-105

CVE-2014-7155

Xen versions from at least 3.2.x onwards are vulnerable.

Older versions have not been inspected.

Only user processes in HVM guests can take advantage of this vulnerability.

__________________________________________

XSA-104

CVE-2014-7154

Xen versions from 4.0.0 onwards are vulnerable.

This vulnerability is only applicable to Xen systems using stub domains or other forms of disaggregation of control domains for HVM guests.

__________________________________________

Older announcements  

Visit http://xenbits.xen.org/xsa/

 

To verify the version of your Xen server, use the following command:

xm info

Resolution and mitigations

All the details about the mitigation measures to be taken and/or the security patches to be applied are available in the related Xen Security Announcement (XSA) http://xenbits.xen.org/xsa/

 

References

http://xenbits.xen.org/xsa/

http://www.cvedetails.com/vulnerability-list/vendor_id-6276/XEN.html

 

Have more questions? Submit a request

0 Comments

Article is closed for comments.
Powered by Zendesk