SDLab

SDLab
SDLab.org::Adminな脳み

2016年7月27日水曜日

New Windows PV Drivers


新しいWindows PVドライバがリリースされました。

Windows PV Drivers
http://www.xenproject.org/developers/teams/windows-pv-drivers.html

しかもちゃんとReleased Sign。

みんなが待ち望んでいたので、MLでは賞賛の嵐です。Thank you Paul!

プレゼンの説明
http://wiki.xenproject.org/wiki/Windows_PV_Drivers_Presentation


2016年2月24日水曜日

XenServer6.5 SP1 のセキュリティFIX情報のまとめ (2016年2月24日時点)

XenServer6.5SP1 Xen関連のセキュリティFIX一覧

最新は一番下のXS65ESP1023。
最新を適用すれば、すべての修正が含まれます。※セキュリティ関連のPatchのみです。


CTX142482 - Hotfix XS65E009 - For XenServer 6.5.0
https://support.citrix.com/article/CTX201078
CVE-2015-3456: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3456  * VENOM対応

CTX142537 - Hotfix XS65E010 - For XenServer 6.5.0
http://support.citrix.com/article/CTX201145
CVE-2015-4106 (Medium): Unmediated PCI register access in qemu.
CVE-2015-4163 (Medium): GNTTABOP_swap_grant_ref operation misbehavior.
CVE-2015-4164 (Medium): vulnerability in the iret hypercall handler
CVE-2015-2756 (Low): Unmediated PCI command register access in qemu
CVE-2015-4103 (Low): Potential unintended writes to host MSI message data field via qemu.
CVE-2015-4104 (Low): PCI MSI mask bits inadvertently exposed to guests.
CVE-2015-4105 (Low): Guest triggerable qemu MSI-X pass-through error messages

CTX201636 - Hotfix XS65E013 - For XenServer 6.5.0
http://support.citrix.com/article/CTX201636
CVE-2015-5154: QEMU heap overflow flaw while processing certain ATAPI commands (HVM)

CTX201740 - Hotfix XS65E014 - For XenServer 6.5.0
http://support.citrix.com/article/CTX201740
CVE-2015-5165: QEMU leak of uninitialized heap memory in rtl8139 device model (HVM)

CTX202438 - Hotfix XS65E015 - For XenServer 6.5.0
http://support.citrix.com/article/CTX202438
CVE-2015-7835 (High): Uncontrolled creation of large page mappings by PV guests
CVE-2015-7969 (Low): Leak of main per-domain vcpu pointer array/Leak of per-domain profiling-related vcpu pointer array
CVE-2015-7970 (Medium): Host crash when migrating a PoD VM
CVE-2015-7971 (Low): Some pmu and profiling hypercalls log without rate limiting
CVE-2015-7972 (Low): Populate-on-demand balloon size inaccuracy can crash guests

CTX202618 - Hotfix XS65E017 - For XenServer 6.5.0
http://support.citrix.com/article/CTX202618
CVE-2015-5307/CVE-2015-8104 (Medium): CPU lockup during fault delivery (HVM)

CTX142483 - Hotfix XS65ESP1002 - For XenServer 6.5.0 Service Pack 1
http://support.citrix.com/article/CTX142483
CVE-2015-3456: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3456 *VENOM

CTX142538 - Hotfix XS65ESP1004 - For XenServer 6.5.0 Service Pack 1
http://support.citrix.com/article/CTX142538
CVE-2015-4106 (Medium): Unmediated PCI register access in qemu.
CVE-2015-4163 (Medium): GNTTABOP_swap_grant_ref operation misbehavior.
CVE-2015-4164 (Medium): vulnerability in the iret hypercall handler
CVE-2015-2756 (Low): Unmediated PCI command register access in qemu
CVE-2015-4103 (Low): Potential unintended writes to host MSI message data field via qemu.
CVE-2015-4104 (Low): PCI MSI mask bits inadvertently exposed to guests.
CVE-2015-4105 (Low): Guest triggerable qemu MSI-X pass-through error messages

CTX201637 - Hotfix XS65ESP1008 - For XenServer 6.5.0 Service Pack 1
http://support.citrix.com/article/CTX201637
CVE-2015-5154: QEMU heap overflow flaw while processing certain ATAPI commands (HVM)

CTX201741 - Hotfix XS65ESP1009 - For XenServer 6.5.0 Service Pack 1
http://support.citrix.com/article/CTX201741
CVE-2015-5165: QEMU leak of uninitialized heap memory in rtl8139 device model (HVM)

CTX202074 - Hotfix XS65ESP1011 - For XenServer 6.5.0 Service Pack 1
http://support.citrix.com/article/CTX202074
*HOTFIX
*Windows DHCP server利用時の不具合修正
* GPU Pass-through か vGPU を含むPCI Pass-throughを利用した場合、ホストがクラッシュする(Intel-based serversのみ)
* HVM VMで、XenStore RINGのhvmloaderメッセージを重複させるとHVM VMがクラッシュする

CTX202439 - Hotfix XS65ESP1014 - For XenServer 6.5.0 Service Pack 1
http://support.citrix.com/article/CTX202439
CVE-2015-7835 (High): Uncontrolled creation of large page mappings by PV guests
CVE-2015-7969 (Low): Leak of main per-domain vcpu pointer array/Leak of per-domain profiling-related vcpu pointer array
CVE-2015-7970 (Medium): Host crash when migrating a PoD VM
CVE-2015-7971 (Low): Some pmu and profiling hypercalls log without rate limiting
CVE-2015-7972 (Low): Populate-on-demand balloon size inaccuracy can crash guests

CTX202619 - Hotfix XS65ESP1016 - For XenServer 6.5.0 Service Pack 1
http://support.citrix.com/article/CTX202619
CVE-2015-5307/CVE-2015-8104 (Medium): CPU lockup during fault delivery (HVM)

CTX203494 - Hotfix XS65ESP1019 - For XenServer 6.5.0 Service Pack 1
http://support.citrix.com/article/CTX203494
CVE-2015-8339/CVE-2015-8340 (Medium): Memory exchange hypercall error handling

CTX204047 - Hotfix XS65ESP1020 - For XenServer 6.5.0 Service Pack 1
http://support.citrix.com/article/CTX204047
CVE-2015-8554 (Medium): QEMU-dm buffer overrun in MSI-X handling
CVE-2015-8104 (Low): Guest crash during exception delivery
CVE-2015-8555 (High): Information leak in legacy x86 FPU/XMM initialization

CTX205355 - Hotfix XS65ESP1023 - For XenServer 6.5.0 Service Pack 1
http://support.citrix.com/article/CTX205355
CVE-2016-1571 (Medium): VMX: intercept issue with INVLPG on non-canonical address