Alerts This Week
Warning Icon 1 677
Alerts This Week
Warning Icon 1 677

Debian Stretch DSA-4236-1 Critical: Xen Denial Of Service Threats

debian
Calendar Grey June 27, 2018
Debian Logo
Several vulnerabilities within the Xen hypervisor have been outlined in the advisory DSA-4236-1. It is advisable to upgrade your xen packages to reduce potential risks.
Multiple vulnerabilities have been discovered in the Xen hypervisor: CVE-2018-12891
Topics%20covered

Topics Covered

security advisory denial of service security issue debian package update xen

Summary

Multiple vulnerabilities have been discovered in the Xen hypervisor:

CVE-2018-12891

It was discovered that insufficient validation of PV MMU operations
may result in denial of service.

CVE-2018-12892

It was discovered that libxl fails to honour the 'readonly' flag on
HVM-emulated SCSI disks.

CVE-2018-12893

It was discovered that incorrect implementation of debug exception
checks could result in denial of service.

For the stable distribution (stretch), these problems have been fixed in
version 4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u9.

We recommend that you upgrade your xen packages.

For the detailed security status of xen please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/xen

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/



Severity
critical
Lowest
Low
Medium
High
Critical

Package: xen
CVE ID: CVE-2018-12891 CVE-2018-12892 CVE-2018-12893

Topics%20covered

Topics Covered

security advisory denial of service security issue debian package update xen

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here