XSA-114

CVE-2014-9065 CVE-2014-9066

问题描述

http://xenbits.xen.org/xsa/advisory-114.html

p2m lock starvation

The current read/write lock implementation is read-biased, which allows a consistent stream of readers to starve writers indefinitely. There are certain rwlocks where guests are capable of applying arbitrary read pressure.

resource abuse (fairness for reader & writer)

Patch描述

http://xenbits.xen.org/xsa/xsa114.patch

switch to write-biased r/w locks

This is to improve fairness: A permanent flow of read acquires can otherwise lock out eventual writers indefinitely.

Consequence

A malicious guest administrator can deny service to other tasks. If the NMI watchdog is active, a timeout might be triggered, resulting in a host crash.

DoS