OracleVM 3.2 : xen (OVMSA-2013-0004)

medium Nessus Plugin ID 79496

Synopsis

The remote OracleVM host is missing one or more security updates.

Description

The remote OracleVM system is missing necessary patches to address critical security updates :

- Xen Security Advisory CVE-2012-5634 / XSA-33 (v3) VT-d interrupt remapping source validation flaw

The patch supplied for Xen 4.1 (xsa33-4.1.patch) contained a build error. A corrected patch is attached.
The fix is also now available in as changeset 23441:2a91623a5807

When passing a device which is behind a legacy PCI Bridge through to a guest Xen incorrectly configures the VT-d hardware. This could allow incorrect interrupts to be injected to other guests which also have passthrough devices. In a typical Xen system many devices are owned by domain 0 or driver domains, leaving them vulnerable to such an attack. Such a DoS is likely to have an impact on other guests running in the system.

A malicious domain, given access to a device which is behind a legacy PCI bridge, can mount a denial of service attack affecting the whole system.

Xen version 4.0 onwards is vulnerable. Only systems using Intel VT-d for PCI passthrough are vulnerable. Any domain which is given access to a PCI device that is behind a legacy PCI bridge can take advantage of this vulnerability. Domains which are given access to PCIe devices only are not able to take advantage of this vulnerability.

This issue can be avoided by not assigning PCI devices which are behind a legacy PCI bridge to untrusted guests.

Solution

Update the affected xen / xen-devel / xen-tools packages.

See Also

http://www.nessus.org/u?b895879d

Plugin Details

Severity: Medium

ID: 79496

File Name: oraclevm_OVMSA-2013-0004.nasl

Version: 1.4

Type: local

Published: 11/26/2014

Updated: 1/4/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.7

CVSS v2

Risk Factor: Medium

Base Score: 6.1

Temporal Score: 5.3

Vector: CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: p-cpe:/a:oracle:vm:xen, p-cpe:/a:oracle:vm:xen-devel, p-cpe:/a:oracle:vm:xen-tools, cpe:/o:oracle:vm_server:3.2

Required KB Items: Host/local_checks_enabled, Host/OracleVM/release, Host/OracleVM/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 1/18/2013

Vulnerability Publication Date: 2/14/2013

Reference Information

CVE: CVE-2012-5634

BID: 57223