This shows you the differences between two versions of the page.
virtualization [2015/12/03 11:56] Sona Sarmadi |
virtualization [2016/01/14 12:10] (current) Sona Sarmadi |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ==== KVM(Linux kernel)/QEMU ==== | + | ==== KVM ==== |
* git reppo: https://git.opnfv.org/cgit/kvmfornfv/tree | * git reppo: https://git.opnfv.org/cgit/kvmfornfv/tree | ||
* kernel-git: https://git.opnfv.org/cgit/kvmfornfv/tree/kernel | * kernel-git: https://git.opnfv.org/cgit/kvmfornfv/tree/kernel | ||
- | * Qemu-git: https://git.opnfv.org/cgit/kvmfornfv/tree/qemu | + | * KVM Security Improvements: http://www.linux-kvm.org/images/f/f6/01x02-KVMHardening.pdf |
- | * Qemu-wiki: http://wiki.qemu.org | + | CVE-list: |
- | * Qemu-security process: http://wiki.qemu.org/SecurityProcess | + | * [[https://web.nvd.nist.gov/view/vuln/search-results?query=kvm&search_type=all&cves=on|web.nvd.nist.gov]] |
- | * CVE-list: https://www.cvedetails.com/vulnerability-list/vendor_id-7506/Qemu.html | + | * [[https://www.cvedetails.com/vulnerability-list/vendor_id-33/product_id-47/Linux-Linux-Kernel.html |cvedetails.com]](search for kvm) |
- | ^ CVE ^ Description ^ Fixed in Arno | Fixed in Master | | + | === CVEs fixed in KVM === |
+ | |||
+ | ^ CVE ^ Description ^ Fixed in Arno ^ Fixed in Brahmaputra| | ||
| [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8104|CVE-2015-8104]] | The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c. | | | | | [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8104|CVE-2015-8104]] | The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c. | | | | ||
| [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8104|CVE-2015-5307]] | The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c. | | | | | [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8104|CVE-2015-5307]] | The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c. | | | | ||
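Review bot: The CVE-2015-5307 row left unchanged at the end of this hunk still points its link at cvename.cgi?name=CVE-2015-8104, so the link text and the target disagree; the target should be name=CVE-2015-5307. The new heading reads "CVEs fixed in KVM" and the last column is renamed to "Fixed in Brahmaputra", but both rows leave the Arno and Brahmaputra cells empty, so the table does not yet say where either CVE is fixed. Fill in the fixing release or commit for each row, or title the section as tracked CVEs until that is known. The "git reppo" label on the first bullet is also still misspelled.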
Line 15: | Line 17: | ||
| | | | | | ||
+ | ==== QEMU ==== | ||
+ | * Qemu-git: https://git.opnfv.org/cgit/kvmfornfv/tree/qemu | ||
+ | * Qemu-wiki: http://wiki.qemu.org | ||
+ | * Qemu-security process: http://wiki.qemu.org/SecurityProcess | ||
+ | * CVE-list: https://www.cvedetails.com/vulnerability-list/vendor_id-7506/Qemu.html | ||
+ | |||
+ | === CVEs fixed in QEMU === | ||
+ | ^ CVE ^ Description ^ Fixed in Arno ^ Fixed in Brahmaputra| | ||
+ | | [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7295|CVE-2015-7295]] | hw/virtio/virtio.c in the Virtual Network Device (virtio-net) support in QEMU, when big or mergeable receive buffers are not supported, allows remote attackers to cause a denial of service (guest network consumption) via a flood of jumbo frames on the (1) tuntap or (2) macvtap interface. | | | | ||
+ | | [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6855|CVE-2015-6855]] | hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_MAX command to an empty drive, which triggers a divide-by-zero error and instance crash. | | | | ||
+ | | [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CCVE-2015-5225|CVE-2015-5225]] | Buffer overflow in the vnc_refresh_server_surface function in the VNC display driver in QEMU before 2.4.0.1 allows guest users to cause a denial of service (heap memory corruption and process crash) or possibly execute arbitrary code on the host via unspecified vectors, related to refreshing the server display surface. | | | | ||
==== Xen ==== | ==== Xen ==== |
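Review bot: The link target in the added CVE-2015-5225 row is cvename.cgi?name=CCVE-2015-5225, with a doubled "C", which is not a valid CVE identifier; it should read name=CVE-2015-5225. The three added rows also sit under "CVEs fixed in QEMU" with empty "Fixed in Arno" and "Fixed in Brahmaputra" cells. Record the fixing release or commit for each, starting with CVE-2015-5225, since its description includes possible arbitrary code execution on the host and readers need to see whether the kvmfornfv QEMU tree carries the fix.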