Debian Bug report logs -
#780227
XSA-123 / CVE-2015-2151 Hypervisor memory corruption due to x86 emulator flaw
Reported by: Josip Rodin <joy@debbugs.entuzijast.net>
Date: Tue, 10 Mar 2015 19:36:02 UTC
Severity: critical
Tags: fixed-upstream, security, upstream
Found in version xen/4.1.4-1
Fixed in versions xen/4.1.4-3+deb7u5, xen/4.4.1-8
Done: Bastian Blank <waldi@debian.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org>:
Bug#780227; Package xen-hypervisor-4.1-amd64.
(Tue, 10 Mar 2015 19:36:07 GMT) (full text, mbox, link).
Acknowledgement sent
to Josip Rodin <joy@debbugs.entuzijast.net>:
New Bug report received and forwarded. Copy sent to Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org>.
(Tue, 10 Mar 2015 19:36:07 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: xen-hypervisor-4.1-amd64
Version: 4.1.4-3+deb7u4
Severity: critical
Hi,
Not sure how come I'm the first one to file this kind of a bug report :)
but here goes JFTR...
http://xenbits.xen.org/xsa/advisory-123.html was embargoed, but advance
warning was given to several big Xen VM farms, which led to e.g.
https://aws.amazon.com/premiumsupport/maintenance-2015-03/
http://status.linode.com/incidents/2dyvn29ds5mz
I'm guessing the security team is on top of this...?
https://security-tracker.debian.org/tracker/CVE-2015-2151
TIA.
--
2. That which causes joy or happiness.
Marked as found in versions xen/4.1.4-1.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Wed, 11 Mar 2015 06:45:05 GMT) (full text, mbox, link).
Marked as fixed in versions xen/4.1.4-3+deb7u5.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Wed, 11 Mar 2015 06:45:06 GMT) (full text, mbox, link).
Added tag(s) upstream, security, and fixed-upstream.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Wed, 11 Mar 2015 06:45:10 GMT) (full text, mbox, link).
No longer marked as found in versions xen/4.1.4-1 and xen/4.1.4-3+deb7u4.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Wed, 11 Mar 2015 06:51:05 GMT) (full text, mbox, link).
No longer marked as fixed in versions xen/4.1.4-3+deb7u5.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Wed, 11 Mar 2015 06:51:06 GMT) (full text, mbox, link).
Marked as found in versions xen/4.1.4-1.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Wed, 11 Mar 2015 06:51:07 GMT) (full text, mbox, link).
Marked as fixed in versions xen/4.1.4-3+deb7u5.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Wed, 11 Mar 2015 06:51:08 GMT) (full text, mbox, link).
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org>:
Bug#780227; Package src:xen.
(Wed, 11 Mar 2015 07:00:08 GMT) (full text, mbox, link).
Acknowledgement sent
to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org>.
(Wed, 11 Mar 2015 07:00:08 GMT) (full text, mbox, link).
Message #26 received at 780227@bugs.debian.org (full text, mbox, reply):
Hi,
On Tue, Mar 10, 2015 at 08:17:46PM +0100, Josip Rodin wrote:
> I'm guessing the security team is on top of this...?
> https://security-tracker.debian.org/tracker/CVE-2015-2151
Yes, Moritz Muehlenhoff released
https://www.debian.org/security/2015/dsa-3181 including the fix for
CVE-2015-2151.
So marked this as fixed in 4.1.4-3+deb7u5.
Regards,
Salvatore
Reply sent
to Bastian Blank <waldi@debian.org>:
You have taken responsibility.
(Wed, 11 Mar 2015 21:21:32 GMT) (full text, mbox, link).
Notification sent
to Josip Rodin <joy@debbugs.entuzijast.net>:
Bug acknowledged by developer.
(Wed, 11 Mar 2015 21:21:32 GMT) (full text, mbox, link).
Message #31 received at 780227-close@bugs.debian.org (full text, mbox, reply):
Source: xen
Source-Version: 4.4.1-8
We believe that the bug you reported is fixed in the latest version of
xen, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 780227@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Bastian Blank <waldi@debian.org> (supplier of updated xen package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 11 Mar 2015 20:59:23 +0100
Source: xen
Binary: libxen-4.4 libxenstore3.0 libxen-dev xenstore-utils xen-utils-common xen-utils-4.4 xen-hypervisor-4.4-amd64 xen-system-amd64 xen-hypervisor-4.4-arm64 xen-system-arm64 xen-hypervisor-4.4-armhf xen-system-armhf
Architecture: source amd64 all
Version: 4.4.1-8
Distribution: unstable
Urgency: high
Maintainer: Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org>
Changed-By: Bastian Blank <waldi@debian.org>
Description:
libxen-4.4 - Public libs for Xen
libxen-dev - Public headers and libs for Xen
libxenstore3.0 - Xenstore communications library for Xen
xen-hypervisor-4.4-amd64 - Xen Hypervisor on AMD64
xen-hypervisor-4.4-arm64 - Xen Hypervisor on ARM64
xen-hypervisor-4.4-armhf - Xen Hypervisor on ARMHF
xen-system-amd64 - Xen System on AMD64 (meta-package)
xen-system-arm64 - Xen System on ARM64 (meta-package)
xen-system-armhf - Xen System on ARMHF (meta-package)
xen-utils-4.4 - XEN administrative tools
xen-utils-common - Xen administrative tools - common files
xenstore-utils - Xenstore command line utilities for Xen
Closes: 780227
Changes:
xen (4.4.1-8) unstable; urgency=high
.
* Fix uninitialized return from wrong-sized reads from system devices.
CVE-2015-2044
* Fix hypervisor memory leak in uninitialized structures.
CVE-2015-2045
* Fix hypervisor memory corruption in x86 emulation. (closes: #780227)
CVE-2015-2151
Checksums-Sha1:
6d3bb7793f5dad171660649b8179f0638d412878 2600 xen_4.4.1-8.dsc
5369dce76642a5335efdc59964b55d9690a389fc 69760 xen_4.4.1-8.debian.tar.xz
b3c053737c0a50082decf7ea4389061dc71325bf 1671348 xen-hypervisor-4.4-amd64_4.4.1-8_amd64.deb
fbe833d67872de63fdf98c19575f2acaec7d8ba3 121078 xen-utils-common_4.4.1-8_all.deb
b66f1344ad69bb87b44bf63e5ca6d12d9735663c 19856 xen-system-amd64_4.4.1-8_amd64.deb
f6b6b173587af139dd0a8928b7ff50795e7e3562 476922 libxen-dev_4.4.1-8_amd64.deb
99ad274c8aa2746815ab047dacaecb216f0b7199 30726 libxenstore3.0_4.4.1-8_amd64.deb
0fd4a00ae7c13a74b2079c5538b02b5612333e50 26400 xenstore-utils_4.4.1-8_amd64.deb
52525e70811eb4957173eaac3e69cb6a20cd44e5 295340 libxen-4.4_4.4.1-8_amd64.deb
e6660682775b3c009b42bc2ea207524a83e7d1e9 393352 xen-utils-4.4_4.4.1-8_amd64.deb
Checksums-Sha256:
80b70cd40f732b4751b4802adeb25281a1f0a65cb6eb471d6f6265f9f8df0006 2600 xen_4.4.1-8.dsc
9a42a3a5313617d2f3f0144b272a8572a79323f75942943aea6b17fd6d7256c0 69760 xen_4.4.1-8.debian.tar.xz
b6bc41230366863a4645d04c49cae5bcbbefde15ca87323244bba033c6b9f347 1671348 xen-hypervisor-4.4-amd64_4.4.1-8_amd64.deb
61cfb5904c7d325e8bba0473220d1d4ea7ee4119a909f78cff31884d4e5fd6ed 121078 xen-utils-common_4.4.1-8_all.deb
f7c616a54b86586ca47e5f4938e6b09a467dd33643d86dd0d0076cc84f194053 19856 xen-system-amd64_4.4.1-8_amd64.deb
8173eb86705055054d9c0425f1098b6b65fbf261b3d9d950b5dae874519796ce 476922 libxen-dev_4.4.1-8_amd64.deb
9b93e566c075675340e6780383d79cb699951edd59de29336ed5bb10da21a891 30726 libxenstore3.0_4.4.1-8_amd64.deb
49f1faf71365f1399bc24769dd846b9836df6202e0e21fe1d6527839f609a86a 26400 xenstore-utils_4.4.1-8_amd64.deb
e59bc3ebf37f7db684381df4b130e846148eaa3b5d97820ee9d4ecdcbfe4b3e9 295340 libxen-4.4_4.4.1-8_amd64.deb
9d7d66a33f566d7755f943ab12cd62b036a80190df8c729d4b5f42ded37da8eb 393352 xen-utils-4.4_4.4.1-8_amd64.deb
Files:
269dc782f4f5a068168b264fd345c833 2600 kernel optional xen_4.4.1-8.dsc
27d3101a76682dcf701c6529d5fa50d5 69760 kernel optional xen_4.4.1-8.debian.tar.xz
aabf9eb67e22a9f0f243c917e2cfc429 1671348 kernel optional xen-hypervisor-4.4-amd64_4.4.1-8_amd64.deb
38865f8fb8d4a52f715a088c5e8df5a4 121078 kernel optional xen-utils-common_4.4.1-8_all.deb
bfce6abc93087c89662833425f2e0040 19856 kernel optional xen-system-amd64_4.4.1-8_amd64.deb
c01590ef1015503fd8cee41bba6076e4 476922 libdevel optional libxen-dev_4.4.1-8_amd64.deb
79a7ea0520e594cb1ca2a6dadbd67b7b 30726 libs optional libxenstore3.0_4.4.1-8_amd64.deb
3739dc73b21cbe4395e74034d2a6b060 26400 admin optional xenstore-utils_4.4.1-8_amd64.deb
a06f083b11561dca6803acf26fea7cde 295340 libs optional libxen-4.4_4.4.1-8_amd64.deb
1072b2e560338ca720bf48cfce7b6199 393352 kernel optional xen-utils-4.4_4.4.1-8_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBCgAGBQJVAKUxAAoJEG2TiIWKaf5Rm9QH/3LksiUCswrKzKlwY87eqE4+
sKt1P85ngqlBsLeYXRES7ROO3QdHdMhla8HxSzNaSvazyPhgn4GexRji+moZRy83
HV3Qie90PY2wDlHC5miPpnM/LCdDL1r8vlckw9sarR9+5eHQKap4tiA+WfcwK2m7
zYaMRsJgILHey29t+JRn9r05ZHNMTKRTFrxKDSf7A2GQAbzZ5akW6KQ/XXqSxdT9
sh67suKlE1N7H0VrvXyP/+SAAbKs0kaV0sZrKVPBejZHT7EiwCS8sZNCkYZnRGhs
uFi20rhtAq5Uga5cgiwYNrK6UU1qVGehRBX8Pr0FkutmopxWD8i7cueID/GGQt8=
=j2uZ
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Sun, 24 May 2015 07:41:21 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 17:18:04 2019;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon