1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 2662-1] xen security update

    From Salvatore Bonaccorso@1:229/2 to All on Thu Apr 18 16:30:01 2013
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-2662-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso
    April 18, 2013 http://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : xen
    Vulnerability : several
    Problem type : remote
    Debian-specific: no
    CVE ID : CVE-2013-1917 CVE-2013-1919

    Multiple vulnerabilities have been discovered in the Xen hypervisor. The
    Common Vulnerabilities and Exposures project identifies the following
    problems:

    CVE-2013-1917
    The SYSENTER instruction can be used by PV guests to accelerate
    system call processing. This instruction, however, leaves the EFLAGS
    register mostly unmodified. This can be used by malicious or buggy
    user space to cause the entire host to crash.

    CVE-2013-1919
    Various IRQ related access control operations may not have the
    intended effect, potentially permitting a stub domain to grant its
    client domain access to an IRQ it doesn't have access to itself.
    This can be used by malicious or buggy stub domains kernels to mount
    a denial of service attack possibly affecting the whole system.

    For the stable distribution (squeeze), these problems have been fixed in version 4.0.1-5.9.

    For the testing distribution (wheezy) and the unstable distribution
    (sid), these problems will be fixed soon.

    We recommend that you upgrade your xen packages.

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: http://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.10 (GNU/Linux)

    iQEcBAEBAgAGBQJRcAS2AAoJEL97/wQC1SS+Iv8H/jgF59tOvl0f5ybpS1nOjnim ISDrxnkODEyfDlA9org+o1M61gTPyU8bT0QvjjUfeVKh5y0FewmrVoFYdlE9slI2 Q4vOwf4paQd0D/VcQWVLnTRNoHALIFq/V3WXgpo7Fk7ffXZkjQgdOE7MviX8SfLh gvl6hobIuVeEiDMWROkESpim5UjxX5Xh6X4g9C1a3o82nCxKyv55/SWz4lpCqbxV CNyKt3Qo6IdbHkKVFSasYZhb1oPtiGAMuIFyOhmRXmpZRSyfomuJI4HJlUgs0rZ3 j4ki0LjETq3DfwY5eP2gDPaE2aPc5TgUJC9kmOtUviRFIAWjU0LFwN/y3hZVRVg=
    =7t1v
    -----END PGP SIGNATURE-----


    --
    To UNSUBSCRIBE, email to [email protected]
    with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)