Message-ID: <51C9F7AE.3070004@redhat.com>
Date: Tue, 25 Jun 2013 14:03:58 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: "Xen.org security team" <security@....org>, xen-announce@...ts.xen.org, xen-devel@...ts.xen.org, xen-users@...ts.xen.org
Subject: Re: Xen Security Advisory 57 - libxl allows guest write access to sensitive console related xenstore keys

On 06/21/2013 04:07 AM, Xen.org security team wrote:
> Xen Security Advisory XSA-57 version 3
>
> libxl allows guest write access to sensitive console related
> xenstore keys
>
> UPDATES IN VERSION 3
> ====================
>
> Public release.
>
> ISSUE DESCRIPTION
> =================
>
> The libxenlight (libxl) toolstack library does not correctly set
> permissions on xenstore keys relating to paravirtualised and
> emulated serial console devices. This could allow a malicious
> guest administrator to change values in xenstore which the host
> later relies on being implicitly trusted.
>
> This vulnerability has not yet been assigned a CVE Candidate number
> by MITRE. We will issue an updated version of XSA-57 when this is
> available.

Please use CVE-2013-2211 for this issue.

--
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993