Bug 211482

Summary:	emulators/xen {-tools/-kernel}: security advisories (XSA-182,183,184)
Product:	Ports & Packages	Reporter:	Jason Unovitch <junovitch>
Component:	Individual Port(s)	Assignee:	Roger Pau Monné <royger>
Status:	Closed FIXED
Severity:	Affects Some People	CC:	ports-secteam
Priority:	---	Keywords:	security
Version:	Latest	Flags:	bugzilla: maintainer-feedback? (royger) junovitch: merge-quarterly+
Hardware:	Any
OS:	Any
URL:	http://xenbits.xen.org/xsa/

Description Jason Unovitch freebsd_committer

2016-07-31 15:48:49 UTC

Roger,
There's been a report in the news of a potential guest to host escape in Xen (http://www.itnews.com.au/news/xen-patches-critical-guest-privilege-escalation-bug-431869). We have a few Xen Security advisories that came up in the last week. Can you address the applicability as well as patches for the following?

XSA-184 	CVE-2016-5403 	virtio: unbounded memory allocation issue
XSA-183 	CVE-2016-6259 	x86: Missing SMAP whitelisting in 32-bit exception / event delivery
XSA-182 	CVE-2016-6258 	x86: Privilege escalation in PV guests

Reference: http://xenbits.xen.org/xsa/

Comment 1 commit-hook freebsd_committer

2016-08-01 08:36:30 UTC

A commit references this bug:

Author: royger
Date: Mon Aug  1 08:35:55 UTC 2016
New revision: 419430
URL: https://svnweb.freebsd.org/changeset/ports/419430

Log:
  xen: apply XSA-{182/183/184}

  Sponsored by:	Citrix Systems R&D
  PR:		211482

Changes:
  head/emulators/xen-kernel/Makefile
  head/emulators/xen-kernel/files/xsa182-unstable.patch
  head/emulators/xen-kernel/files/xsa183-unstable.patch
  head/sysutils/xen-tools/Makefile
  head/sysutils/xen-tools/files/xsa184-qemuu-master.patch

Comment 2 commit-hook freebsd_committer

2016-08-02 02:08:13 UTC

A commit references this bug:

Author: junovitch
Date: Tue Aug  2 02:07:57 UTC 2016
New revision: 419463
URL: https://svnweb.freebsd.org/changeset/ports/419463

Log:
  Document Xen Security Advisories (XSAs 182, 183, and 184)

  PR:		211482
  Security:	CVE-2016-5403
  Security:	CVE-2016-6259
  Security:	CVE-2016-6258
  Security:	https://vuxml.FreeBSD.org/freebsd/06574c62-5854-11e6-b334-002590263bf5.html
  Security:	https://vuxml.FreeBSD.org/freebsd/04cf89e3-5854-11e6-b334-002590263bf5.html
  Security:	https://vuxml.FreeBSD.org/freebsd/032aa524-5854-11e6-b334-002590263bf5.html

Changes:
  head/security/vuxml/vuln.xml

Comment 3 commit-hook freebsd_committer

2016-08-02 02:17:15 UTC

A commit references this bug:

Author: junovitch
Date: Tue Aug  2 02:16:29 UTC 2016
New revision: 419464
URL: https://svnweb.freebsd.org/changeset/ports/419464

Log:
  MFH: r418136 r418138 r419430

  seabios: update to 1.9.3
  xen-tools: bump PORTREVISION after SeaBIOS update
  xen: apply XSA-{182/183/184}

  PR:		211482
  Sponsored by:	Citrix Systems R&D
  Approved by:	ports-secteam (with hat)
  Security:	CVE-2016-5403
  Security:	CVE-2016-6259
  Security:	CVE-2016-6258
  Security:	https://vuxml.FreeBSD.org/freebsd/06574c62-5854-11e6-b334-002590263bf5.html
  Security:	https://vuxml.FreeBSD.org/freebsd/04cf89e3-5854-11e6-b334-002590263bf5.html
  Security:	https://vuxml.FreeBSD.org/freebsd/032aa524-5854-11e6-b334-002590263bf5.html

Changes:
_U  branches/2016Q3/
  branches/2016Q3/emulators/xen-kernel/Makefile
  branches/2016Q3/emulators/xen-kernel/files/xsa182-unstable.patch
  branches/2016Q3/emulators/xen-kernel/files/xsa183-unstable.patch
  branches/2016Q3/misc/seabios/Makefile
  branches/2016Q3/misc/seabios/distinfo
  branches/2016Q3/sysutils/xen-tools/Makefile
  branches/2016Q3/sysutils/xen-tools/files/xsa184-qemuu-master.patch

Comment 4 Jason Unovitch freebsd_committer

2016-08-02 02:20:24 UTC

Thank you for the prompt action Roger. I got the VuXML and MFH covered. I saw no reason to not apply the 1.9.2 -> 1.9.3 SeaBIOS version bump to quarterly along with this because of the merge conflict due to differing PORTREVISIONs. Closing on your behalf with everything completed.