Xen 'xc _ vcpu_setaffinity () 'Function Buffer Overflow Vulnerability

Xen 'xc _ vcpu_setaffinity () 'Function Buffer Overflow Vulnerability

Release date:
Updated on: 2013-05-20

Affected Systems:
XenSource Xen> = 4.0
Description:
--------------------------------------------------------------------------------
Bugtraq id: 59982
CVE (CAN) ID: CVE-2013-2072
 
Xen is an open-source Virtual Machine monitor developed by the University of Cambridge.

Xen 4.0 and later versions have security vulnerabilities. If the system allows untrusted client administrators to configure cpu affinity masks and the system uses libxc Python bindings, attackers can exploit this vulnerability to damage the memory, causes the toolstack to crash when a specific vcpu affinity is configured, resulting in DOS. It may also cause remote code execution. This vulnerability occurs because Python bindings called by xc_vcpu_setaffinity does not properly check its input.
 
<* Source: Xen

Link: http://www.openwall.com/lists/oss-security/2013/05/17/2
*>

Suggestion:
--------------------------------------------------------------------------------
Temporary solution:
 
If you cannot install or upgrade the patch immediately, NSFOCUS recommends that you take the following measures to reduce the threat:
 
* Do not allow untrusted client administrators to configure VCPU affinity. You can also switch to a toolstack that does not use Python.
 
Vendor patch:
 
XenSource
---------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
 
Http://lists.xen.org/archives/html/xen-announce