-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Dear Qubes Community,
We have published Qubes Security Bulletin (QSB) #35: Xen hypervisor issue related to grant tables (XSA-236). The text of this QSB is reproduced below. This QSB and its accompanying signatures will always be available in the Qubes Security Pack (qubes-secpack). View QSB #35 in the qubes-secpack: <https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-035-2017.txt> Learn about the qubes-secpack, including how to obtain, verify, and read it: <https://www.qubes-os.org/security/pack/> View all past QSBs: <https://www.qubes-os.org/security/bulletins/> View XSA-236 in the XSA Tracker: <https://www.qubes-os.org/security/xsa/#236> ``` ---===[ Qubes Security Bulletin #35 ]===--- October 24, 2017 Xen hypervisor issue related to grant tables (XSA-236) Summary ======== The Xen Security Team has published Xen Security Advisory 236, which concerns an issue with the grant tables mechanism used to share memory between domains. The practical impact of this advisory is believed to be denial of service only. However, privilege escalation and information leaks are theoretically possible. Technical details ================== Xen Security Advisory 236 [1]: | Grant copying code made an implication that any grant pin would be | accompanied by a suitable page reference. Other portions of code, | however, did not match up with that assumption. When such a grant | copy operation is being done on a grant of a dying domain, the | assumption turns out wrong. | | A malicious guest administrator can cause hypervisor memory | corruption, most likely resulting in host crash and a Denial of | Service. Privilege escalation and information leaks cannot be ruled | out. Compromise Recovery ==================== Beginning with Qubes 3.2, we offer Paranoid Backup Restore Mode, which was designed specifically to aid in the recovery of a potentially compromised Qubes OS system. If you believe your system may be compromised (perhaps because of the issue discussed in this bulletin), please read and follow the procedure described here: https://www.qubes-os.org/news/2017/04/26/qubes-compromise-recovery/ Patching ========= The specific packages that resolve the problem discussed in this bulletin are as follows: For Qubes 3.2: - Xen packages, version 4.6.6-34 For Qubes 4.0: - Xen packages, version 4.8.2-9 The packages are to be installed in dom0 via the Qubes VM Manager or via the qubes-dom0-update command as follows: For updates from the stable repository (not immediately available): $ sudo qubes-dom0-update For updates from the security-testing repository: $ sudo qubes-dom0-update --enablerepo=qubes-dom0-security-testing A system restart will be required afterwards. These packages will migrate from the security-testing repository to the current (stable) repository over the next two weeks after being tested by the community. If you use Anti Evil Maid, you will need to reseal your secret passphrase to new PCR values, as PCR18+19 will change due to the new Xen binaries. Credits ======== See the original Xen Security Advisory. References =========== [1] https://xenbits.xen.org/xsa/advisory-236.html - -- The Qubes Security Team https://www.qubes-os.org/security/ ``` - -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCAAGBQJZ8CgsAAoJENuP0xzK19csZuMH/3UJBpIVxZVbeX+x+dwpehjo EBREIxWAFsJmygOHTgjgmu0RZEY1j3993BV4+O4oX7mAn8cLmpwTb/mYqVK3G2La adMX4PKKBBaQPOsBL44QWGJjOQeZQm9Q9uvl41H1mThvOsfk8s0kVWnENdPOm6t6 gx8Oy4BklD/2z6TkWDilxkF+8I24QuMR1UMAjwEuKZdD37jO9k4vEaD9fjIUWuxt hze20DgQypbDj1nm8VeINN3QULTNMv9LcItwnJ5v949VYW+actopaBaFmsv2lDrw Jvb2ipB+XXDSe4zRQZsgGsY9KfJkvdTCGVRhHGOMeocncyRKm48j5NWAZRp5iLE= =GPn4 -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-devel+unsubscr...@googlegroups.com. To post to this group, send email to qubes-devel@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/20171025210951.GE2882%40mail-itl. For more options, visit https://groups.google.com/d/optout.