1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 4131-1] xen security update

    From Moritz Muehlenhoff@1:229/2 to All on Sun Mar 4 11:10:01 2018
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4131-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff
    March 04, 2018 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : xen
    CVE ID : CVE-2018-7540 CVE-2018-7541 CVE-2018-7542

    Multiple vulnerabilities have been discovered in the Xen hypervisor:

    CVE-2018-7540

    Jann Horn discovered that missing checks in page table freeing may
    result in denial of service.

    CVE-2018-7541

    Jan Beulich discovered that incorrect error handling in grant table
    checks may result in guest-to-host denial of service and potentially
    privilege escalation.

    CVE-2018-7542

    Ian Jackson discovered that insufficient handling of x86 PVH guests
    without local APICs may result in guest-to-host denial of service.

    For the stable distribution (stretch), these problems have been fixed in version 4.8.3+comet2+shim4.10.0+comet3-1+deb9u5.

    We recommend that you upgrade your xen packages.

    For the detailed security status of xen please refer to
    its security tracker page at:
    https://security-tracker.debian.org/tracker/xen

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlqbwwUACgkQEMKTtsN8 TjbKQhAAucrOjkc+fjAsBI3i8ereiItTX7C/dg0VATL4q62g6lAZPLVIDzu5cw5l VkEK9hhyxg+yXStNUDeswIIoX7tdenMxmN6YK1rETsJrvOn8E+bny+6twX+j0zbb T4uFXYQCinHnFbNxmWjWZi7NOOecCXpD7epG3D5KWYuTL1sYkTJ3yYADHpyUa1Zl abAmuVFyjw9MZMYzmg7ZcJun4D9ydqLRkq6DwtXxwf8AGIWQ9zrebfSz+RyY9FsO Onf/X1aoab8V48v22PrZBpLjPo+vJ07IfsIVRDm19ceBXKLWzwbjMYFisq7ypg8X LnSQo5CCBAp+mKGySU71V8aqLC4H4KaD9vJQxtK1e1zxNXdU9N9qOVbn9Qit04xL 5QKvxO+cBh3qIZ4coVTgpQVuQe9oyskR/Dji0Au4SlZpV2weDj+KhNCfIWZKZhmW TYJvKMmxRQWpbyKEhcGc9Glo2dlcXzZmfku4/9F/2OwRDQc6V5m6Vtfuk0U4goTO UhoHZJJ/U2/BunMKMVPuEPq8w44QTxHVNVtZY3MtXeI4MFk1nlXqVlFcvxWFriD0 6JDha5EuyUPdE0mSLTbexntxY1Dt4QDUtPVJ+ypnxVruHL9HTnaVGC2PS3ocRnfc tzQv/l9582ILDj25gp04hROTb+ExTXspnKhhD9zWjrCnWMJvWYw=
    =pe4c
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)