XSA-118

CVE-2015-1563


问题描述

http://xenbits.xen.org/xsa/advisory-118.html

arm: vgic: incorrect rate limiting of guest triggered logging

On ARM systems the code which deals with virtualising the GIC distributor would, under various circumstances, log messages on a guest accessible code path without appropriate rate limiting.

未限制写log的速度,可能造成DoS。

resource abuse (unlimited log rate)


Patch描述

http://xenbits.xen.org/xsa/xsa118-4.4.patch

printk is not rated-limited by default. Therefore a malicious guest may be able to flood the Xen console.

If we use gdprintk, unecessary information will be printed such as the filename and the line. Instead use XENLOGGERR combine with %pv.

利用XENLOG_G_ERR?


Consequence

A malicious guest could cause repeated logging to the hypervisor console, leading to a Denial of Service attack.

DoS