Xen amd iommu Local Denial of Service Vulnerability

Release date:
Updated on: 2013-02-27

Affected Systems:
XenSource Xen 4.x
XenSource Xen 3.x
XenSource Xen
Description:
--------------------------------------------------------------------------------
Bugtraq id: 57745
CVE (CAN) ID: CVE-2013-0153
 
Xen is an open-source Virtual Machine monitor developed by the University of Cambridge.

To avoid an early hardware error, the Xen amd iommu Code uses a single interrupt re ing table throughout the system by default. This means that guest with direct pass-through PCI can inject interruptions to other guest (including domain 0) using the bus master capability.
 
In addition, no matter whether the shared interrupt re ing table is used or not, the old entries (entries) are not always cleared, which gives some guest to other guest (including domain 0) inject the opportunity of interruption.
 
Attackers can exploit this vulnerability to crash the entire system.

 
<* Source: vendor

Link: https://bugzilla.redhat.com/show_bug.cgi? CVE-2013-0153
Https://bugzilla.redhat.com/show_bug.cgi? CVE-2013-0154
*>

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
 
XenSource
---------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
 
Http://xen.xensource.com/