Security Advisory - Xen Vulnerabilities on Huawei FusionSphere products

This security advisory (SA) describes the impact of Xen vulnerabilities discovered in website.

This vulnerability is referenced in this document as follows:

XSA-120: Non-maskable interrupts triggerable by guests. In the event that the platform surfaces aforementioned UR responses as Non-Maskable Interrupts, and either the OS is configured to treat NMIs as fatal or (e.g. via ACPI’s APEI) the platform tells the OS to treat these errors as fatal, the host would crash, leading to a Denial of Service.( HWPSIRT-2015-03019)

This Vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2015-2150.

XSA-123: Hypervisor memory corruption due to x86 emulator flaw. A malicious guest might be able to read sensitive data relating to other guests, or to cause denial of service on the host. Arbitrary code execution, and therefore privilege escalation, cannot be excluded. (HWPSIRT-2015-03020)

This Vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2015-2151.

XSA-121: Information leak via internal x86 system device emulation. A malicious HVM guest might be able to read sensitive data relating to other guests. (HWPSIRT-2015-03021)

This Vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2015-2044.

XSA-122: Information leak through version information hypercall. A malicious guest might be able to read sensitive data relating to other guests.

This Vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2015-2045.