|
Message-ID: <21391.17325.593589.765688@mariner.uk.xensource.com> Date: Wed, 4 Jun 2014 17:05:01 +0100 From: Ian Jackson <Ian.Jackson@...citrix.com> To: <cve-assign@...re.org> CC: <security@....org>, <oss-security@...ts.openwall.com> Subject: Re: Xen Security Advisory 98 - insufficient permissions checks accessing guest memory on ARM cve-assign@...re.org writes ("Re: Xen Security Advisory 98 - insufficient permissions checks accessing guest memory on ARM"): ... > > When accessing guest memory Xen does not correctly perform permissions > > checks on the (possibly guest provided) virtual address ... This > > allows a guest to write to memory which it should only be able to > > read. > > > In the event that a guest executes code from a page which has been > > shared read-only with another guest it would be possible to mount a > > take over attack on that guest. > > Use CVE-2014-3969. Thanks. I have sent out updated versions of XSA-96 and -98. > Our understanding is that "executes code from a page which has been > shared read-only" depends on the permissions issue (lack of a check > for execute permission), and is not an independent problem. That is correct. Thanks, Ian.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.