ProHoster > Π‘Π»ΠΎΠ³ > xov xwm hauv internet > 10 qhov tsis zoo hauv Xen hypervisor

10 qhov tsis zoo hauv Xen hypervisor

Tshaj tawm cov ntaub ntawv hais txog 10 qhov tsis zoo hauv Xen hypervisor, ntawm tsib (CVE-2019-17341, CVE-2019-17342, CVE-2019-17340, CVE-2019-17346, CVE-2019-17343) muaj peev xwm tso cai rau koj mus dhau qhov chaw qhua tam sim no thiab nce koj cov cai, ib qho tsis zoo (CVE-2019-17347) tso cai rau cov txheej txheem tsis tsim nyog tau txais kev tswj hwm cov txheej txheem ntawm lwm tus neeg siv hauv tib tus qhua system, qhov seem plaub (CVE- 2019-17344, CVE- 2019-17345, CVE-2019-17348, CVE-2019-17351) qhov tsis zoo tuaj yeem ua rau tsis lees txais kev pabcuam (kev sib tsoo ntawm tus tswv tsev ib puag ncig). Cov teeb meem kho hauv kev tshaj tawm Xen 4.12.1, 4.11.2 thiab 4.10.4.

  • CVE-2019-17341 - muaj peev xwm nkag tau mus rau theem hypervisor los ntawm cov qhua tswj los ntawm tus neeg tawm tsam. Qhov teeb meem tsuas yog tshwm sim ntawm x86 systems thiab tuaj yeem tshwm sim los ntawm cov qhua khiav hauv paravirotualization (PV) hom thaum lub PCI tshiab tau muab tso rau hauv cov qhua khiav. Qhov tsis zoo tsis tshwm sim hauv cov kab ke qhua khiav hauv HVM thiab PVH hom;
  • CVE-2019-17340 - lub cim xeeb xau, muaj peev xwm tso cai rau koj nce koj cov cai lossis nkag mus rau cov ntaub ntawv los ntawm lwm cov qhua.
    Qhov teeb meem tsuas yog tshwm sim ntawm cov tswv nrog ntau dua 16 TB ntawm RAM ntawm 64-ntsis systems thiab 168 GB ntawm 32-ntsis systems.
    Qhov tsis zoo tsuas yog siv tau los ntawm cov qhua hauv PV hom (qhov tsis muaj qhov tsis zoo tsis tshwm sim hauv HVM thiab PVH hom thaum ua haujlwm los ntawm libxl);

  • CVE-2019-17346 - qhov tsis zoo thaum siv PCID (Cov Txheej Txheem Txheej Txheem Txheej Txheem) txhawm rau txhim kho kev ua haujlwm ntawm kev tiv thaiv kev tawm tsam
    Meltdown tso cai rau koj nkag mus rau cov ntaub ntawv los ntawm lwm tus qhua thiab muaj peev xwm nce koj cov cai. Qhov tsis muaj peev xwm tsuas yog siv tau los ntawm cov qhua hauv PV hom ntawm x86 systems (qhov teeb meem tsis tshwm sim hauv HVM thiab PVH hom, nrog rau cov kev teeb tsa uas tsis muaj qhua nrog PCID enabled (PCID yog qhib los ntawm lub neej ntawd));

  • CVE-2019-17342 - ib qho teeb meem hauv kev siv XENMEM_exchange hypercall tso cai rau koj los ua kom koj cov cai hauv ib puag ncig nrog tsuas yog ib qho qhua. Qhov tsis zoo tsuas yog siv tau los ntawm cov qhua tuaj noj mov hauv PV hom (qhov tsis zoo tsis tshwm sim hauv HVM thiab PVH hom);
  • CVE-2019-17343 - Daim ntawv qhia tsis raug hauv IOMMU ua rau nws ua tau, yog tias muaj kev nkag los ntawm cov qhua tuaj rau lub cev lub cev, siv DMA los hloov nws tus kheej lub cim xeeb nplooj ntawv thiab nkag mus rau qib tswv tsev. Qhov tsis zoo tsuas yog tshwm sim hauv cov qhua hauv PV hom yog tias lawv muaj cai xa mus rau PCI li.

Tau qhov twg los: opennet.ru

Ntxiv ib saib