[kernel-xen] Xen Security Advisory 73 - Lock order reversal between page allocation and grant table locks
netwiz at crc.id.au
Sun Nov 3 15:09:14 EST 2013
Xen Security Advisory XSA-73
Lock order reversal between page allocation and grant table locks
UPDATES IN VERSION 2
Corrected typo in xsa73-4.1.patch. The other patches were already
NOTE REGARDING LACK OF EMBARGO
While the response to this issue was being prepared by the security
team, the bug was independently discovered by a third party who
publicly disclosed it without realising the security impact.
The locks page_alloc_lock and grant_table.lock are not always taken in
the same order. This opens the possibility of deadlock.
A malicious guest administrator can deny service to the entire host.
Xen versions going back to at least Xen 3.2 are vulnerable.
To exploit the vulnerability, the attacker must have control of more
than one vcpu, either by controlling a malicious multi-vcpu guest, or
by controlling more than one guest.
There is no practical mitigation for this issue.
This issue was discovered by Coverity Scan and diagnosed by Andrew
Fixed in xen-4.2.3-8
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 834 bytes
Desc: OpenPGP digital signature
More information about the kernel-xen