1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 4201-1] xen security update

    From Moritz Muehlenhoff@1:229/2 to All on Tue May 15 22:10:01 2018
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4201-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff
    May 15, 2018 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : xen
    CVE ID : CVE-2018-8897 CVE-2018-10471 CVE-2018-10472 CVE-2018-10981
    CVE-2018-10982

    Multiple vulnerabilities have been discovered in the Xen hypervisor:

    CVE-2018-8897

    Andy Lutomirski and Nick Peterson discovered that incorrect handling
    of debug exceptions could result in privilege escalation.

    CVE-2018-10471

    An error was discovered in the mitigations against Meltdown which
    could result in denial of service.

    CVE-2018-10472

    Anthony Perard discovered that incorrect parsing of CDROM images
    can result in information disclosure.

    CVE-2018-10981

    Jan Beulich discovered that malformed device models could result
    in denial of service.

    CVE-2018-10982

    Roger Pau Monne discovered that incorrect handling of high precision
    event timers could result in denial of service and potentially
    privilege escalation.

    For the stable distribution (stretch), these problems have been fixed in version 4.8.3+comet2+shim4.10.0+comet3-1+deb9u6.

    We recommend that you upgrade your xen packages.

    For the detailed security status of xen please refer to
    its security tracker page at:
    https://security-tracker.debian.org/tracker/xen

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlr7PHoACgkQEMKTtsN8 TjbvyBAAqSJFsDcTo75hggE1faIttXR3UKOwJ4eSKbkf3G6/JnvotuO5z4bQXDBC XZfkL6kOTl579vmCGgCvBv/SrrPrJ1ibhrw+Dz1MIcjX4Yt9mb6NriWuMTObknca uw6qJakWZTB3tFcp3LlmN80B8lY/67XR8mQaZ4f0yHhGEfqIunEtSgLelmp5lLu2 M/m1iH9zQon3muhQiXiHJeMg1ghJ3xvFKbuEU9prih4NNinxquv0pmAzfbPCCBN6 E4cuEjArzdnwLydeWfCoLrFOZh5rvoMTmmK8gj2/KVlbC5YgJ5/xVlc89B4PaJKL m3oUV2dnLEpubC7uuXSOoejMnfbPcOGM4VYrmuIuxEfZZVNYE/NxvmNCZ+JDzQV7 Z939vOgyqyuojFFt7lgvoCWM2Q3xDRMrE9akK1KyAGmvyRzoczblw8N6dzL8sain gs5LUE/5dCJWQWv4IPz/V/nl50Lh+tYjbdVuZaiXxKYiqiWuCY0Ea+8QIb2UWGrk rC2BUYaoYBEo0vQhzBIi91E2hyQ+2Y6+zP6zTVTEA8PDw2YnfdffzydQ3Z9l4OSN IoTOojXPpMdcCSVzBC5OkvzBuQ6qzkVh3vftxajYazuiSrPJl8KenLJ6jFlpCzA3 p+140rFiElDCUkHacCmfs4zWQ+/ZLcoAppIxvxDEZYWyRJp3qgU=
    =KAUD
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)