
Debian 7: DLA-1132-1 Moderate: Xen Privilege Escalation Issues

debian lts
October 11, 2017
Several security flaws in the Xen hypervisor have been addressed in Debian 7. Make sure to upgrade to version 4.1.6.lts1-9 to ensure protection.
Multiple vulnerabilities have been discovered in the Xen hypervisor: CVE-2017-10912

Summary

CVE-2017-10912

Jann Horn discovered that incorrect handling of page transfers might
result in privilege escalation.

CVE-2017-10913 / CVE-2017-10914

Jann Horn discovered that race conditions in grant handling might
result in information leaks or privilege escalation.

CVE-2017-10915

Andrew Cooper discovered that incorrect reference counting with
shadow paging might result in privilege escalation.

CVE-2017-10918

Julien Grall discovered that incorrect error handling in
physical-to-machine memory mappings may result in privilege
escalation, denial of service or an information leak.

CVE-2017-10920 / CVE-2017-10921 / CVE-2017-10922

Jan Beulich discovered multiple places where reference
counting on grant table operations was incorrect, resulting
in potential privilege escalation.

CVE-2017-12135

Jan Beulich found multiple problems in the handling of
transitive grants which could result in denial of service
and potentially privilege escalation.



Package: xen
Version: 4.1.6.lts1-9
CVE ID: CVE-2017-10912 CVE-2017-10913 CVE-2017-10914 CVE-2017-10915
