Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

Fedora 26: 2017-16a414b3c5 Moderate: Xen Various Flaws Fix

fedora
Calendar Grey January 2, 2018
Dist Fedora Esm H88
Update deployment for Xen on Fedora 26 rectifying severe vulnerabilities and improving reliability within the hypervisor environment.
another patch related to the [XSA-240, CVE-2017-15595] issue xen: various flaws (#1525018) x86 PV guests may gain access to internally used page [XSA-248] broken x86 shadow mode re...

Summary

This package contains the XenD daemon and xm command line

tools, needed to manage virtual machines running under the

Xen hypervisor

another patch related to the [XSA-240, CVE-2017-15595] issue xen: various flaws

(#1525018) x86 PV guests may gain access to internally used page [XSA-248]

broken x86 shadow mode refcount overflow check [XSA-249] improper x86 shadow

mode refcount error handling [XSA-250] improper bug check in x86 log-dirty

handling [XSA-251] ---- xen: various flaws (#1518214) x86: infinite loop due

to missing PoD error checking [XSA-246] Missing p2m error checking in PoD code

[XSA-247]

[ 1 ] Bug #1518656 - CVE-2017-17566 xsa248 xen: x86 PV guests may gain access to internally used pages (XSA-248)

https://bugzilla.redhat.com/show_bug.cgi?id=1518656

[ 2 ] Bug #1518657 - CVE-2017-17563 xsa249 xen: broken x86 shadow mode refcount overflow check (XSA-249)

https://bugzilla.redhat.com/show_bug.cgi?id=1518657

[ 3 ] Bug #1518658 - CVE-2017-17564 xsa250 xen: improper x86 shadow mode refcount error handling (XSA-250)

https://bugzilla.redhat.com/show_bug.cgi?id=1518658

[ 4 ] Bug #1518659 - CVE-2017-17565 xsa251 xen: improper bug check in x86 log-dirty handling (XSA-251)

https://bugzilla.redhat.com/show_bug.cgi?id=1518659

[ 5 ] Bug #1513335 - CVE-2017-17044 xsa246 xen: x86: infinite loop due to missing PoD error checking (XSA-246)

https://bugzilla.redhat.com/show_bug.cgi?id=1513335

[ 6 ] Bug #1513336 - CVE-2017-17045 xsa247 xen: Missing p2m error checking in PoD code (XSA-247)

https://bugzilla.redhat.com/show_bug.cgi?id=1513336

su -c 'dnf upgrade xen' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Topics%20covered

Topics Covered

security advisory Fedora moderate severity virtualization Xen flaw fix

Change Log

References

Update Instructions

Severity
important
Lowest
Low
Medium
High
Critical

Product: Fedora 26
Version: 4.8.2
Release: 9.fc26
URL: https://xenproject.org/
Summary: Xen is a virtual machine monitor

Topics%20covered

Topics Covered

security advisory Fedora moderate severity virtualization Xen flaw fix

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here