[SECURITY] [DLA 964-1] xen security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Package : xen
Version : 4.1.6.lts1-8
CVE ID : CVE-2016-9932 CVE-2017-7995 CVE-2017-8903 CVE-2017-8904
CVE-2017-8905
Multiple vulnerabilities have been discovered in the Xen hypervisor. The
Common Vulnerabilities and Exposures project identifies the following
problems:
CVE-2016-9932 (XSA-200)
CMPXCHG8B emulation allows local HVM guest OS users to obtain sensitive
information from host stack memory.
CVE-2017-7995
Description
Xen checks access permissions to MMIO ranges only after accessing them,
allowing host PCI device space memory reads.
CVE-2017-8903 (XSA-213)
Xen mishandles page tables after an IRET hypercall which can lead to
arbitrary code execution on the host OS. The vulnerability is only exposed
to 64-bit PV guests.
CVE-2017-8904 (XSA-214)
Xen mishandles the "contains segment descriptors" property during
GNTTABOP_transfer. This might allow PV guest OS users to execute arbitrary
code on the host OS.
CVE-2017-8905 (XSA-215)
Xen mishandles a failsafe callback which might allow PV guest OS users to
execute arbitrary code on the host OS.
For Debian 7 "Wheezy", these problems have been fixed in version
4.1.6.lts1-8.
We recommend that you upgrade your xen packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEFkxwUS95KUdnZKtW/iLG/YMTXUUFAlkv1MoACgkQ/iLG/YMT
XUULTg/+OEFXWio+fsYbgoka1ledWE/O9uNrXEW1tfS+OiM22cAUfiDhxZtOGzFE
Ju7bQkvDAQPllD0Yx5Ni7Q2cz8IsMEEk4s7cJajwaURcSvTdMORcVbzEXYDvqOZg
tN3qbK+/n5TQZ/jDC6TUkFjRrYHEQb2IBds02rWyhE2paQhUXmPMcz+AXgbvc9o3
ZNojI8HgMZM1cjlAFVyKU9yl0XjxUFKr91Ud/4SAHiGl1bUEWpwKQZFRKyJ4h6Lp
uavwRC/lkI7weQGGpgZgQzcYRMbg2ZVKYgGd8aYw5bi4GaysWmuY+QIncVCR5NEZ
K34idY5dNtOzoXek3RAQ3L64CqRc4NlTgJxDxKfJLyj94FGahFifII/SPsbKpjRK
yuV9PHzdOhpmcFFNNXpV93BRGizy1QFEVEPJH00+Bnuod18L9cj8srhQBzIbFNNP
rUArxc09Za4ys6xJ+jBdvWEm3g4cPpIWiGcxy+zuCQoSBipItj1KqNxr/J1dWTSe
LOYDKnWOn/L6IF0qngHxHeIthJaXJoif0ORAbvoeI3mVUr/Sos2U3QXURNv1FP+8
qB0pY8B1JAeEU7JBeJTwcw09b1O9JkS5yGntuJ1ZEFIcdzqhnDpbdADAjMgSwGLz
TClDKSb9v6XVXfPyLKMKdgLwI0uj5WhgHRxOrEhtLz8h7wER0/w=
=Aczg
-----END PGP SIGNATURE-----
Reply to: