projects / xen.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ae34df4) | patch
tools/xenstore: fix deleting node in transaction
authorJuergen Gross <jgross@suse.com>
Tue, 13 Sep 2022 05:35:13 +0000 (07:35 +0200)
committerAndrew Cooper <andrew.cooper3@citrix.com>
Tue, 1 Nov 2022 13:05:44 +0000 (13:05 +0000)
commit13ac37f1416cae88d97f7baf6cf2a827edb9a187
tree209c800232239c91ff07c2cc363c4adfb93a7fd6tree | snapshot
parentae34df4d82636f4c82700b447ea2c93b9f82b3f3commit | diff
tools/xenstore: fix deleting node in transaction

In case a node has been created in a transaction and it is later
deleted in the same transaction, the transaction will be terminated
with an error.

As this error is encountered only when handling the deleted node at
transaction finalization, the transaction will have been performed
partially and without updating the accounting information. This will
enable a malicious guest to create arbitrary number of nodes.

This is part of XSA-421 / CVE-2022-42325.

Signed-off-by: Juergen Gross <jgross@suse.com>
Tested-by: Julien Grall <jgrall@amazon.com>
Reviewed-by: Julien Grall <jgrall@amazon.com>
tools/xenstore/xenstored_transaction.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.