Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 452
Alerts This Week
Warning Icon 1 452

Fedora 25: 2017-C3149B5FCB Moderate: Xen Security Flaws Overview

fedora
Calendar Grey July 12, 2017
Dist Fedora Esm H88
Several flaws identified in the Xen hypervisor compromise Fedora 25, posing threats of elevated privileges, potential data exposure, and issues with ARM guest operations.
xen: various flaws (#1463247) blkif responses leak backend stack data [XSA-216] page transfer may allow PV guest to elevate privilege [XSA-217] Races in the grant table unmap code ...

Summary

This package contains the XenD daemon and xm command line

tools, needed to manage virtual machines running under the

Xen hypervisor

xen: various flaws (#1463247) blkif responses leak backend stack data [XSA-216]

page transfer may allow PV guest to elevate privilege [XSA-217] Races in the

grant table unmap code [XSA-218] x86: insufficient reference counts during

shadow emulation [XSA-219] x86: PKRU and BND* leakage between vCPU-s [XSA-220]

stale P2M mappings due to insufficient error checking [XSA-222] ARM guest

disabling interrupt may crash Xen [XSA-223] grant table operations mishandle

reference counts [XSA-224] arm: vgic: Out-of-bound access when sending SGIs

[XSA-225] NULL pointer deref in event channel poll [XSA-221] (#1463231)

[ 1 ] Bug #1458870 - CVE-2017-10911 xsa216 xen: blkif responses leak backend stack data (XSA-216)

https://bugzilla.redhat.com/show_bug.cgi?id=1458870

[ 2 ] Bug #1458871 - CVE-2017-10912 xsa217 xen: page transfer may allow PV guest to elevate privilege (XSA-217)

https://bugzilla.redhat.com/show_bug.cgi?id=1458871

[ 3 ] Bug #1458872 - CVE-2017-10913 CVE-2017-10914 xsa218 xen: Races in the grant table unmap code (XSA-218)

https://bugzilla.redhat.com/show_bug.cgi?id=1458872

[ 4 ] Bug #1458873 - CVE-2017-10915 xsa219 xen: x86: insufficient reference counts during shadow emulation (XSA-219)

https://bugzilla.redhat.com/show_bug.cgi?id=1458873

[ 5 ] Bug #1458874 - CVE-2017-10916 xsa220 xen: x86: PKRU and BND* leakage between vCPU-s (XSA-220)

https://bugzilla.redhat.com/show_bug.cgi?id=1458874

[ 6 ] Bug #1458876 - CVE-2017-10918 xsa222 xen: stale P2M mappings due to insufficient error checking (XSA-222)

https://bugzilla.redhat.com/show_bug.cgi?id=1458876

[ 7 ] Bug #1458877 - CVE-2017-10919 xsa223 xen: ARM guest disabling interrupt may crash Xen (XSA-223)

https://bugzilla.redhat.com/show_bug.cgi?id=1458877

[ 8 ] Bug #1458878 - CVE-2017-10920 CVE-2017-10921 CVE-2017-10922 xsa224 xen: grant table operations mishandle reference counts (XSA-224)

https://bugzilla.redhat.com/show_bug.cgi?id=1458878

[ 9 ] Bug #1459515 - CVE-2017-10923 xsa225 xen: arm: vgic: Out-of-bound access when sending SGIs (XSA-225)

https://bugzilla.redhat.com/show_bug.cgi?id=1459515

[ 10 ] Bug #1458875 - CVE-2017-10917 xsa221 xen: NULL pointer deref in event channel poll (XSA-221)

https://bugzilla.redhat.com/show_bug.cgi?id=1458875

su -c 'dnf upgrade xen' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Change Log

References

Update Instructions

Product: Fedora 25
Version: 4.7.2
Release: 7.fc25
Summary: Xen is a virtual machine monitor

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.