mirror of
https://github.com/NixOS/nixpkgs.git
synced 2026-07-06 17:13:24 -05:00
xen: patch with XSA-491
Xen Security Advisory CVE-2026-42487 / XSA-491
version 2
x86 HVM I/O port list traversal
HVM guest I/O port accesses are subject to either emulation or at least
translation. Translations are managed by the device model (via
XEN_DOMCTL_ioport_mapping), and hence the linked list used may changed
at any time. Traversal of those lists (while handling guest I/O port
accesses) therefore needs synchronizing with updates, which was missing
so far.
A device model of a HVM guest can cause a hypervisor crash, causing a
Denial of Service (DoS) of the entire host. Privilege escalation and
information leaks cannot be ruled out.
https://xenbits.xen.org/xsa/advisory-491.html
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
This commit is contained in:
parent
a343770e93
commit
1629ccf012
1 changed files with 6 additions and 0 deletions
|
|
@ -216,6 +216,12 @@ stdenv.mkDerivation (finalAttrs: {
|
|||
hash = "sha256-PF4zNeaS8aXHBNKLcgjVBUqmREg+nvdyHyLlhX2YBiw=";
|
||||
})
|
||||
|
||||
# XSA #491
|
||||
(fetchpatch {
|
||||
url = "https://xenbits.xenproject.org/xsa/xsa491-4.21.patch";
|
||||
hash = "sha256-I21YIcaK1v7BfBJi/aiVACgR3QyN+/gXnB4YMprT4zA=";
|
||||
})
|
||||
|
||||
# patch `libxl` to search for `qemu-system-i386` properly. (Before 4.21)
|
||||
(fetchpatch {
|
||||
url = "https://github.com/xen-project/xen/commit/f6281291704aa356489f4bd927cc7348a920bd01.diff?full_index=1";
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue