Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Vigil@nce: Linux kernel, denial of service via xen

November 2010 by Vigil@nce

This bulletin was written by Vigil@nce : http://vigilance.fr/

SYNTHESIS OF THE VULNERABILITY

An attacker, who is located in a xen guest system, can reopen a
XenBus device, so kernel resources are never freed, which creates
a denial of service.

 Severity: 1/4
 Creation date: 25/11/2010

DESCRIPTION OF THE VULNERABILITY

The XenBus bus is used by para-virtualized devices to communicate
between domains.

The blkback, blktap and netback devices use XenBus. However, when
the bus is reopened without being closed, these devices do not
free a kernel thread. The xenwatch task then blocks, and
management commands (xm utility) stop working.

An attacker, who is located in a xen guest system, can therefore
reopen a XenBus device, so kernel resources are never freed, which
creates a denial of service.

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

http://vigilance.fr/vulnerability/Linux-kernel-denial-of-service-via-xen-10153


See previous articles

    

See next articles


Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts