
Xen official site security update (2020-01-14)

Source: Xen official site    Published: 2020-01-14

Basic information

Publication date: 2020-01-14 (official local time)

Update type: security update

Updated version: unknown

Observed at: 2020-03-11 01:10:03

Risk level: unknown

Intelligence contributed by: TSRC

Update title

arm: a CPU may speculate past the ERET instruction

Update details

XSA-312 - Xen Security Advisories

Information

Advisory: XSA-312
Public release: 2020-01-14 14:20
Updated: 2020-01-14 14:20
Version: 1
CVE(s): none (yet) assigned
Title: arm: a CPU may speculate past the ERET instruction
Files: advisory-312.txt (signed advisory file), xsa312.meta, xsa312.patch, xsa312-4.9.patch, xsa312-4.11.patch

Advisory

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Xen Security Advisory XSA-312

arm: a CPU may speculate past the ERET instruction

ISSUE DESCRIPTION
=================

Some CPUs can speculate past an ERET instruction and potentially perform
speculative accesses to memory before processing the exception return.
Since the register state at the point of the ERET is often controlled by
a lower privilege level (i.e. the guest kernel or userspace), this could
potentially be used as part of a side-channel attack.

IMPACT
======

An attacker, who could be a malicious untrusted user process on a
trusted guest or an untrusted guest itself, may be able to use this as
part of a side-channel attack to read host memory.

VULNERABLE SYSTEMS
==================

Systems running all versions of Xen are affected.

Whether an individual Arm-based CPU is vulnerable depends on its
speculation properties. Consult your CPU vendor.

x86 systems are not vulnerable.

MITIGATION
==========

There is no mitigation available.

NOTE REGARDING LACK OF EMBARGO
==============================

This was reported publicly, as affecting other Open Source projects,
before the Xen Project Security Team was made aware.

RESOLUTION
==========

Applying the appropriate attached patch resolves this issue.

Note that patches for released versions are generally prepared to
apply to the stable branches, and may not apply cleanly to the most
recent release tarball. Downstreams are encouraged to update to the
tip of the stable branch before applying these patches.

xsa312.patch xen-unstable, Xen 4.13 - 4.12
xsa312-4.11.patch Xen 4.11 - 4.10
xsa312-4.9.patch Xen 4.9

$ sha256sum xsa312*
112c9d77f964174db5709c758626a2bd5fec9bfdacc89fbc96f1ddd44aca6bbf xsa312.meta
9b2078d448e4815c9ddc6554bf869d64412dc787b1b94830a24e47df6a9f30e7 xsa312.patch
29b95d6ea0295e124c3cfd5b1611ae341bb195d1c441ee69976e2f74cde652a8 xsa312-4.9.patch
8d64b3039c570f4b5c82abbbcf2714ec3b60db55fe3e1b3bb838df7dfaf627e9 xsa312-4.11.patch
$
-----BEGIN PGP SIGNATURE-----

iQFABAEBCAAqFiEEI+MiLBRfRHX6gGCng/4UyVfoK9kFAl4dzjAMHHBncEB4ZW4u
b3JnAAoJEIP+FMlX6CvZOx4H/2nt+377yBhbqNqUO2nCbqUWBkCB/OHQQ3uyjytp
PEDW9epevCJHOvQ3w24gh9SplWupHvrzS2PbqCWwEMPZXfkYB6Ye2kr7hbJHMOxB
bP6qm71plWG/RGmKSTVeVbOqAtiwdXkIvE8PIETGSuQ3Ip8exIkWvXnkY3v7KQne
WIg+vcadAqvv9oZj8UAv+V6oihUr1MyOMaddsW0QczF1yhs7EErpSBrLT1G2+nm/
MxY8nE40rAzZBs+G1puODC8uK/LSmGlvms+200FOPHnyyIKmznmAtGLE7pziPj7F
Qdy4GOWLAE1oQcrglmdk6SOCK7CRJSSZ0RminYNNPSX6EqM=
=FnmX
-----END PGP SIGNATURE-----
Xenproject.org Security Team
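The mechanism in ISSUE DESCRIPTION and the fix in RESOLUTION, as an added illustration that is not the text of the attached Xen patches or of any Xen source file: the defensive pattern is a speculation barrier placed directly after ERET, so that a CPU which speculates past the exception return runs into a barrier instead of executing further instructions with the guest-controlled register file live. The file name, the `spec_barrier` macro name, the `guest_exit_*` labels and the register-restore fragment are all assumptions made for this example; the real changes are in `xsa312.patch` and its backports.

```asm
/*
 * entry-eret-example.S (hypothetical file name, not part of Xen)
 *
 * Assemble with:    aarch64-linux-gnu-as -o entry-eret-example.o entry-eret-example.S
 * Disassemble with: aarch64-linux-gnu-objdump -d entry-eret-example.o
 */

        .text

/*
 * Speculation barrier. "dsb nsh; isb" stops speculative execution on
 * every ARMv8 CPU; on CPUs implementing FEAT_SB (ARMv8.5) the single
 * "sb" instruction is an equivalent, cheaper replacement.
 */
        .macro  spec_barrier
        dsb     nsh
        isb
        .endm

/*
 * Vulnerable pattern (assumed example). The hypervisor restores the
 * guest's registers and returns to it with ERET. A CPU that speculates
 * past ERET may keep fetching and executing whatever the linker placed
 * next while the register file already holds values the guest chose,
 * which is what makes the speculative window usable as a side channel.
 */
        .globl  guest_exit_unmitigated
guest_exit_unmitigated:
        /* ... restore ELR_EL2/SPSR_EL2 and the remaining guest registers ... */
        ldp     x0, x1, [sp], #16
        eret

/*
 * Mitigated pattern: the same exit path with a barrier straight after
 * ERET. Architecturally the barrier is never executed (ERET does not
 * fall through), so the real exit path pays nothing; it only cuts off
 * the speculative path.
 */
        .globl  guest_exit_mitigated
guest_exit_mitigated:
        /* ... restore ELR_EL2/SPSR_EL2 and the remaining guest registers ... */
        ldp     x0, x1, [sp], #16
        eret
        spec_barrier
```

The arm32 exception-return path needs the same treatment, and `dsb nsh` / `isb` are available there as well. To check that a built hypervisor carries the fix, disassemble its entry code and confirm that each `eret` (or the arm32 equivalent) is immediately followed by a barrier sequence rather than by unrelated code.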

Software description

Xen is an open-source virtual machine monitor originally developed at the University of Cambridge. It is designed to run up to 100 full-featured operating systems on a single computer. In the paravirtualized mode this description refers to, the guest operating system must be explicitly modified ("ported") to run on Xen, while compatibility with user applications is preserved; this lets Xen achieve high-performance virtualization without special hardware support. (Xen also runs unmodified guests using the CPU's hardware virtualization extensions.)

CVE number

None assigned at the time of publication (see the advisory above).

TSRC analysis

None yet.

Industry news

None yet.
