
Debian: DSA-2337-1 Critical: Xen Local Access and DOS Issue

November 6, 2011
Several vulnerabilities were discovered in the Xen virtual machine hypervisor.

Summary

CVE-2011-1166

A 64-bit guest can get one of its vCPUs into non-kernel
mode without first providing a valid non-kernel pagetable,
thereby locking up the host system.

CVE-2011-1583, CVE-2011-3262

Local users can cause a denial of service and possibly execute
arbitrary code via a crafted paravirtualised guest kernel image.

CVE-2011-1898

When using PCI passthrough on Intel VT-d chipsets that do not
have interrupt remapping, guest OS users can gain host OS
privileges by writing to the interrupt injection registers.

The oldstable distribution (lenny) contains a different version of Xen
not affected by these problems.

For the stable distribution (squeeze), this problem has been fixed in
version 4.0.1-4.

For the testing (wheezy) and unstable distribution (sid), this problem
has been fixed in version 4.1.1-1.

We recommend that you upgrade your xen packages.
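
A version check against the fixed versions listed above, as an added example that is not part of the Debian advisory. It reimplements dpkg's version ordering in Python so it runs offline; the function names and the sample inventory are constructed, and it assumes you already have each host's suite and installed xen package version string.

```python
import re
from itertools import zip_longest

# Fixed versions as stated in DSA-2337-1; None = suite stated as not affected.
FIXED = {"lenny": None, "squeeze": "4.0.1-4", "wheezy": "4.1.1-1", "sid": "4.1.1-1"}

def _order(ch):
    # dpkg ordering: '~' sorts before everything (even end of string),
    # and letters sort before other punctuation.
    if ch == "~":
        return -1
    return ord(ch) if ch.isalpha() else ord(ch) + 256

def _cmp_component(a, b):
    # Compare alternating non-digit / digit runs, the way dpkg does.
    runs = lambda s: re.findall(r"([^0-9]*)([0-9]*)", s)
    for (ta, na), (tb, nb) in zip_longest(runs(a), runs(b), fillvalue=("", "")):
        for ca, cb in zip_longest(ta, tb, fillvalue=""):
            oa, ob = (_order(ca) if ca else 0), (_order(cb) if cb else 0)
            if oa != ob:
                return -1 if oa < ob else 1
        ia, ib = int(na or 0), int(nb or 0)  # numeric, so "10" > "4"
        if ia != ib:
            return -1 if ia < ib else 1
    return 0

def _split(version):
    # [epoch:]upstream[-revision]; revision is whatever follows the last '-'.
    epoch, rest = version.split(":", 1) if ":" in version else ("0", version)
    upstream, sep, revision = rest.rpartition("-")
    if not sep:
        upstream, revision = rest, ""
    return int(epoch), upstream, revision

def compare_versions(a, b):
    ea, ua, ra = _split(a)
    eb, ub, rb = _split(b)
    if ea != eb:
        return -1 if ea < eb else 1
    return _cmp_component(ua, ub) or _cmp_component(ra, rb)

def xen_status(suite, installed):
    fixed = FIXED[suite]
    if fixed is None:
        return "not affected"
    return "fixed" if compare_versions(installed, fixed) >= 0 else "vulnerable"

if __name__ == "__main__":
    # Constructed sample inventory: (suite, installed xen package version).
    for suite, ver in [("squeeze", "4.0.1-2"), ("squeeze", "4.0.1-10"),
                       ("wheezy", "4.1.1-1~rc1"), ("lenny", "3.2.1-2")]:
        print(suite, ver, xen_status(suite, ver))
```

A plain string comparison would rank `4.0.1-10` below `4.0.1-4` and `4.1.1-1~rc1` above `4.1.1-1`; the dpkg ordering gets both cases right.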

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
f...


Severity: critical

Package: xen
CVE ID: CVE-2011-1166 CVE-2011-1583 CVE-2011-1898 CVE-2011-3262
