[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH 0/6] misc hardening and some cleanup

Ilja has reported a couple of issues which were on the boundary of
needing an XSA, due to some vagueness of the statements resulting
from XSA-77. The first 3 patches here address these reports, after
having settled within the Security Team that we can't find anyone /
anything actually being potentially affected in reality.

In the course of auditing for possible actual issues resulting from
the missing overflow check addressed by patch 3, a few more cleanup
opportunities were noticed, which the remaining 3 patches take care

1: EFI: re-check {get,set}-variable name strings after copying in
2: EFI: don't leak heap contents through XEN_EFI_get_next_variable_name
3: xmalloc: guard against integer overflow
4: Arm/GICv2: don't needlessly use xzalloc_bytes()
5: sysctl: use xmalloc_array() for XEN_SYSCTL_page_offline_op
6: domctl/vNUMA: avoid arithmetic overflow


Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.