This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy
This security advisory (SA) describes the impact of Xen vulnerabilities discovered in website.
This vulnerability is referenced in this document as follows:
XSA-120: Non-maskable interrupts triggerable by guests. In the event that the platform surfaces aforementioned UR responses as Non-Maskable Interrupts, and either the OS is configured to treat NMIs as fatal or (e.g. via ACPI's APEI) the platform tells the OS to treat these errors as fatal, the host would crash, leading to a Denial of Service.( HWPSIRT-2015-03019)
This Vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2015-2150.
XSA-123: Hypervisor memory corruption due to x86 emulator flaw. A malicious guest might be able to read sensitive data relating to other guests, or to cause denial of service on the host. Arbitrary code execution, and therefore privilege escalation, cannot be excluded. (HWPSIRT-2015-03020)
This Vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2015-2151.
XSA-121: Information leak via internal x86 system device emulation. A malicious HVM guest might be able to read sensitive data relating to other guests. (HWPSIRT-2015-03021)
This Vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2015-2044.
XSA-122: Information leak through version information hypercall. A malicious guest might be able to read sensitive data relating to other guests.
This Vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2015-2045.
Product Name |
Affected Version |
Solved version |
FusionCompute |
V100R003C00 |
Upgrade to V100R005C00SPC300 or Reference to Product warning |
V100R005C00 |
V100R005C00SPC300 |
|
GalaxEngine |
V100R002C02 |
Upgrade to V100R005C00SPC300 or Reference to Product warning |
SingleCLOUD |
V100R002C00 |
Upgrade to V100R005C00SPC300 or Reference to Product warning |
Successful exploitation of these vulnerabilities may allow an attacker to modify memory address of the Hypervisor. As a result, a malicious guest OS can obtain the information of other guest OSs, leading to the disclosure of sensitive information. The malicious user can also exploit the vulnerability to execute arbitrary code to escalate the privilege and control the entire virtual machine.
The vulnerability classification has been performed by using the CVSSv2 scoring system (http://www.first.org/cvss/).
CVE-2015-2150:
Base Score: 5.5 (L/AC:M/Au:S/C:C/I:P/A:P)
Temporal Score: 4.6 (E:F/RL:O/RC:C)
CVE-2014-2151:
Base Score: 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Temporal Score: 5.9 (E:F/RL:O/RC:C)
CVE-2015-2044:
Base Score: 2.1 (AV:L/AC:L/Au:N/C:P/I:N/A:N)
Temporal Score: 1.7 (E:F/RL:O/RC:C)
CVE-2014-2045:
Base Score: 2.1 (AV:L/AC:L/Au:N/C:P/I:N/A:N)
Temporal Score: 1.7 (E:F/RL:O/RC:C)
For additional details, customers are advised to reference the website link:
http://xenbits.xen.org/xsa/advisory-120.html
http://xenbits.xen.org/xsa/advisory-123.html
This vulnerability is disclosed by website. The link is same with “Technique Details” link.
For security problems about Huawei products and solutions, please contactPSIRT@huawei.com.
For general problems about Huawei products and solutions, please directly contact Huawei TAC (Huawei Technical Assistance Center) to request the configuration or technical assistance.
2015-04-10 V1.0 INITIAL
None