[xen] disable qemu monitor by default [XSA-19]

myoung myoung at fedoraproject.org
Thu Sep 6 18:17:33 UTC 2012


commit 804b8835736407d0d0ce36c765fd1551b547647e
Author: Michael Young <m.a.young at durham.ac.uk>
Date:   Thu Sep 6 19:16:15 2012 +0100

    disable qemu monitor by default [XSA-19]

 ...-d7d453f51459b591faa96d1c123b5bfff7c5b6b6.patch |   36 ++++++++++++++++++++
 xen.spec                                           |    7 +++-
 2 files changed, 42 insertions(+), 1 deletions(-)
---
diff --git a/qemu-xen-4.1-testing.git-d7d453f51459b591faa96d1c123b5bfff7c5b6b6.patch b/qemu-xen-4.1-testing.git-d7d453f51459b591faa96d1c123b5bfff7c5b6b6.patch
new file mode 100644
index 0000000..f2f4ac7
--- /dev/null
+++ b/qemu-xen-4.1-testing.git-d7d453f51459b591faa96d1c123b5bfff7c5b6b6.patch
@@ -0,0 +1,36 @@
+From d7d453f51459b591faa96d1c123b5bfff7c5b6b6 Mon Sep 17 00:00:00 2001
+From: Ian Jackson <ian.jackson at eu.citrix.com>
+Date: Thu, 6 Sep 2012 17:05:30 +0100
+Subject: [PATCH] Disable qemu monitor by default.  The qemu monitor is an overly
+ powerful feature which must be protected from untrusted (guest)
+ administrators.
+
+Neither xl nor xend expect qemu to produce this monitor unless it is
+explicitly requested.
+
+This is a security problem, XSA-19.  Previously it was CVE-2007-0998
+in Red Hat but we haven't dealt with it in upstream.  We hope to have
+a new CVE for it here but we don't have one yet.
+
+Signed-off-by: Ian Jackson <ian.jackson at eu.citrix.com>
+(cherry picked from commit bacc0d302445c75f18f4c826750fb5853b60e7ca)
+---
+ vl.c |    2 +-
+ 1 files changed, 1 insertions(+), 1 deletions(-)
+
+diff --git a/tools/ioemu-qemu-xen/vl.c b/tools/ioemu-qemu-xen/vl.c
+index f07a659..686a9bd 100644
+--- a/tools/ioemu-qemu-xen/vl.c
++++ b/tools/ioemu-qemu-xen/vl.c
+@@ -4910,7 +4910,7 @@ int main(int argc, char **argv, char **envp)
+     kernel_cmdline = "";
+     cyls = heads = secs = 0;
+     translation = BIOS_ATA_TRANSLATION_AUTO;
+-    monitor_device = "vc:80Cx24C";
++    monitor_device = "null";
+ 
+     serial_devices[0] = "vc:80Cx24C";
+     for(i = 1; i < MAX_SERIAL_PORTS; i++)
+-- 
+1.7.2.5
+
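Review bot: In the vl.c hunk, `monitor_device = "null";` changes only the built-in default, so a monitor that is requested explicitly when qemu is started is still created. The patch description says neither xl nor xend expects a monitor unless it is explicitly requested, so the changelog or a spec comment should say that explicitly configured monitors are outside the scope of this fix. The context line `serial_devices[0] = "vc:80Cx24C";` keeps its default, which is worth confirming as intended. The embedded diffstat lists `vl.c` while the diff paths are `tools/ioemu-qemu-xen/vl.c`; if the paths were adjusted for the Xen tree, a short comment beside Patch65 would help whoever rebases it later.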
diff --git a/xen.spec b/xen.spec
index a5051cf..629f7b6 100644
--- a/xen.spec
+++ b/xen.spec
@@ -20,7 +20,7 @@
 Summary: Xen is a virtual machine monitor
 Name:    xen
 Version: 4.1.3
-Release: 3%{?dist}
+Release: 4%{?dist}
 Group:   Development/Libraries
 License: GPLv2+ and LGPLv2+ and BSD
 URL:     http://xen.org/
@@ -78,6 +78,7 @@ Patch61: xen-4.1-testing.23350.patch
 Patch62: xen-4.1-testing.23351.patch
 Patch63: xen-4.1-testing.23352.patch
 Patch64: qemu-xen-4.1-testing.git-3220480734832a148d26f7a81f90af61c2ecfdd9.patch
+Patch65: qemu-xen-4.1-testing.git-d7d453f51459b591faa96d1c123b5bfff7c5b6b6.patch
 
 Patch100: xen-configure-xend.patch
 
@@ -241,6 +242,7 @@ manage Xen virtual machines.
 %patch62 -p1
 %patch63 -p1
 %patch64 -p1
+%patch65 -p1
 
 %patch100 -p1
 
@@ -699,6 +701,9 @@ rm -rf %{buildroot}
 %endif
 
 %changelog
+* Thu Sep 06 2012 Michael Young <m.a.young at durham.ac.uk> - 4.1.3-4
+- disable qemu monitor by default [XSA-19]
+
 * Wed Sep 05 2012 Michael Young <m.a.young at durham.ac.uk> - 4.1.3-3
 - 5 security fixes
   a malicious 64-bit PV guest can crash the dom0 [XSA-12, CVE-2012-3494]
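Review bot: The new %changelog entry cites only `[XSA-19]`, while the entry below it pairs the advisory with its CVE (`[XSA-12, CVE-2012-3494]`). The patch description says a new CVE is expected but not yet assigned, so this entry should be amended with the identifier once it is allocated, so that a CVE-based search of the changelog finds the fix.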

