FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

xen-kernel -- arm: vgic: incorrect rate limiting of guest triggered logging

Affected packages
4.4 <= xen-kernel < 4.5.0_3

Details

VuXML ID 912cb7f7-27df-11e5-a4a5-002590263bf5
Discovery 2015-01-29
Entry 2015-07-11

The Xen Project reports:

On ARM systems the code which deals with virtualizing the GIC distributor would, under various circumstances, log messages on a guest accessible code path without appropriate rate limiting.

A malicious guest could cause repeated logging to the hypervisor console, leading to a Denial of Service attack.

References

CVE Name CVE-2015-1563
URL http://xenbits.xen.org/xsa/advisory-118.html