[xen/f17] patch for [XSA-38, CVE-2013-0215] was flawed
myoung
myoung at fedoraproject.org
Fri Feb 15 22:32:25 UTC 2013
commit 5ad66bec441e6503654b489227decfbee491fc02
Author: Michael Young <m.a.young at durham.ac.uk>
Date: Fri Feb 15 22:30:54 2013 +0000
patch for [XSA-38, CVE-2013-0215] was flawed
xen.spec | 5 ++++-
xsa38.patch | 4 ++--
2 files changed, 6 insertions(+), 3 deletions(-)
---
diff --git a/xen.spec b/xen.spec
index 075b630..d1892d5 100644
--- a/xen.spec
+++ b/xen.spec
@@ -20,7 +20,7 @@
Summary: Xen is a virtual machine monitor
Name: xen
Version: 4.1.4
-Release: 4%{?dist}
+Release: 5%{?dist}
Group: Development/Libraries
License: GPLv2+ and LGPLv2+ and BSD
URL: http://xen.org/
@@ -697,6 +697,9 @@ rm -rf %{buildroot}
%endif
%changelog
+* Fri Feb 15 2013 Michael Young <m.a.young at durham.ac.uk> - 4.1.4-5
+- patch for [XSA-38, CVE-2013-0215] was flawed
+
* Wed Feb 06 2013 Michael Young <m.a.young at durham.ac.uk> - 4.1.4-4
- guest using oxenstored can crash host or exhaust memory [XSA-38,
CVE-2013-0215] (#907888)
diff --git a/xsa38.patch b/xsa38.patch
index f4a5dc0..0c6a015 100644
--- a/xsa38.patch
+++ b/xsa38.patch
@@ -43,11 +43,11 @@ index 00414c5..4888ac5 100644
+ cons = *(volatile uint32*)&intf->req_cons;
+ prod = *(volatile uint32*)&intf->req_prod;
xen_mb();
-+ cons = MASK_XENSTORE_IDX(cons);
-+ prod = MASK_XENSTORE_IDX(prod);
if (prod == cons)
return 0;
- if (MASK_XENSTORE_IDX(prod) > MASK_XENSTORE_IDX(cons))
++ cons = MASK_XENSTORE_IDX(cons);
++ prod = MASK_XENSTORE_IDX(prod);
+ if (prod > cons)
to_read = prod - cons;
else
More information about the scm-commits
mailing list