oss-sec mailing list archives

Re: [Xen-devel] Xen Security Advisory 35 (CVE-2013-0152) - Nested HVM exposes host to being driven out of memory by guest

From: M A Young <m.a.young () durham ac uk>
Date: Tue, 22 Jan 2013 21:09:29 +0000 (GMT)

On Tue, 22 Jan 2013, Xen.org security team wrote:

To fix both XSA 34 and XSA 35, first apply xsa34-4.2.patch from XSA 34
and then *also* apply xsa35-4.2-with-xsa34.patch from this advisory.


The xsa35-4.2-with-xsa34.patch patch is malformed,
@@ -3862,6 +3862,10 @@ long do_hvm_op(unsigned long op, XEN_GUE
should be
@@ -3862,6 +3862,11 @@ long do_hvm_op(unsigned long op, XEN_GUE

        Michael Young

Current thread:

Xen Security Advisory 35 (CVE-2013-0152) - Nested HVM exposes host to being driven out of memory by guest Xen . org security team (Jan 22)
- Re: [Xen-devel] Xen Security Advisory 35 (CVE-2013-0152) - Nested HVM exposes host to being driven out of memory by guest M A Young (Jan 22)
- <Possible follow-ups>
- Xen Security Advisory 35 (CVE-2013-0152) - Nested HVM exposes host to being driven out of memory by guest Xen . org security team (Jan 23)