The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of Xen: denial of service via pciback

Synthesis of the vulnerability 

An attacker, who is located in a guest system, can trigger numerous PCI errors, in order to overload the host system.
Vulnerable systems: XenDesktop, XenServer, Debian, Fedora, Linux, openSUSE, RHEL, SUSE Linux Enterprise Desktop, SLES, Unix (platform) ~ not comprehensive.
Severity of this threat: 1/4.
Creation date: 05/02/2013.
Références of this weakness: BID-57740, CERTA-2013-AVI-098, CERTA-2013-AVI-158, CERTA-2013-AVI-259, CERTA-2013-AVI-412, CERTA-2013-AVI-496, CTX136540, CTX138633, CVE-2013-0231, DSA-2632-1, FEDORA-2013-2728, MDVSA-2013:194, openSUSE-SU-2013:0395-1, openSUSE-SU-2013:0396-1, openSUSE-SU-2013:0925-1, openSUSE-SU-2013:1619-1, RHSA-2013:0747-01, SUSE-SU-2013:0674-1, SUSE-SU-2013:0759-1, SUSE-SU-2013:0759-2, SUSE-SU-2013:0786-1, SUSE-SU-2019:14051-1, VIGILANCE-VUL-12380, XSA-43.

Description of the vulnerability 

The pciback_enable_msi() function of the drivers/xen/pciback/conf_space_capability_msi.c file is used to enable MSI (Message Signaled Interrupts) on PCI. It is called via the XEN_PCI_OP_enable_msi operation.

If MSI cannot be enabled, this function calls printk() to display a kernel error message. However, there is no limit on the number of times that this function can be called.

An attacker, who is located in a guest system, can therefore trigger numerous PCI errors, in order to overload the host system.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This weakness impacts software or systems such as XenDesktop, XenServer, Debian, Fedora, Linux, openSUSE, RHEL, SUSE Linux Enterprise Desktop, SLES, Unix (platform) ~ not comprehensive.

Our Vigil@nce team determined that the severity of this vulnerability announce is low.

The trust level is of type confirmed by the editor, with an origin of user shell.

An attacker with a expert ability can exploit this threat bulletin.

Solutions for this threat 

Linux kernel: version 3.7.10.
The version 3.7.10 is fixed:
  http://www.kernel.org/pub/linux/kernel/v3.0/

Linux kernel: version 3.4.49.
The version 3.4.49 is fixed:
  https://www.kernel.org/pub/linux/kernel/v3.x/

Linux kernel: version 3.2.40.
The version 3.2.40 is fixed:
  https://www.kernel.org/pub/linux/kernel/v3.0/

Xen: patch for pciback.
A patch is available in information sources.

Citrix XenServer: hotfix.
A hotfix is available in information sources.

Citrix XenClient XT: versions 2.1.3 and 3.1.4.
Versions 2.1.3 and 3.1.4 are fixed:
  http://www.citrix.com/downloads/xenclient/product-software/xenclient-xt-213.html
  http://www.citrix.com/downloads/xenclient/product-software/xenclient-xt-314.html

Debian: new linux-2.6 packages.
New packages are available:
  linux-2.6 2.6.32-48squeeze1

Fedora 18: new kernel packages.
New packages are available:
  kernel-3.7.9-201.fc18

Mandriva BS 1: new kernel packages.
New packages are available:
  kernel-server-3.4.52-1.1.mbs1

openSUSE 11.4: new kernel-3.0.74 packages (10/06/2013).
New packages are available:
  kernel-3.0.74-34.1

openSUSE 12.1: new kernel packages.
New packages are available:
  kernel-3.1.10-1.19.1

openSUSE 12.2: new kernel packages (04/11/2013).
New packages are available:
  kernel-3.4.63-2.44.1

openSUSE 12.2: new kernel packages (05/03/2013).
New packages are available:
  kernel-3.4.33-2.24.1

RHEL 5: new kernel packages (17/04/2013).
New packages are available:
  kernel-2.6.18-348.4.1.el5

SUSE LE 10: new kernel packages.
New packages are available:
  kernel-2.6.16.60-0.101.1

SUSE LE 11: new kernel packages 3.0.74.
New packages are available:
  kernel-3.0.74-0.6.6.2

SUSE LE 11 SP4: new kernel packages.
New packages are available:
  SUSE LE 11 SP4: kernel 3.0.101-108.90.1

SUSE LE Real Time: new kernel-rt packages.
New packages are available:
  kernel-rt-3.0.74.rt98-0.6.2.1
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 

Vigil@nce provides software vulnerability bulletins. The technology watch team tracks security threats targeting the computer system.