UbuntuUpdates.org

Package "xen"

Name: xen

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Public libs for Xen
  • Public headers and libs for Xen
  • OCaml libraries for controlling Xen
  • OCaml libraries for controlling Xen (devel package)

Latest version: 4.1.6.1-0ubuntu0.12.04.13
Release: precise (12.04)
Level: security
Repository: main

Links



Other versions of "xen" in Precise

Repository Area Version
base main 4.1.2-2ubuntu2
base universe 4.1.2-2ubuntu2
security universe 4.1.6.1-0ubuntu0.12.04.13
updates universe 4.1.6.1-0ubuntu0.12.04.13
updates main 4.1.6.1-0ubuntu0.12.04.13

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 4.1.6.1-0ubuntu0.12.04.13 2017-01-12 19:07:12 UTC

  xen (4.1.6.1-0ubuntu0.12.04.13) precise-security; urgency=low

  * Applying Xen Security Advisories:
    - CVE-2016-9386 / XSA-191
      * x86/hvm: Fix the handling of non-present segments
    - CVE-2016-9382 / XSA-192
      * x86/HVM: don't load LDTR with VM86 mode attrs during task switch
    - CVE-2016-9383 / XSA-195
      * x86emul: fix huge bit offset handling
    - CVE-2016-9381 / XSA-197
      * xen: fix ioreq handling
    - CVE-2016-9379, CVE-2016-9380 / XSA-198
      * pygrub: Properly quote results, when returning them to the caller
    - CVE-2016-9637 / XSA-199
      * qemu: ioport_read, ioport_write: be defensive about 32-bit addresses
    - CVE-2016-9932 / XSA-200
      * x86/emulator: add feature checks for newer instructions
      * x86emul: CMPXCHG8B ignores operand size prefix
    - CVE-2016-10024 / XSA-202
      * x86: use MOV instead of PUSH/POP when saving/restoring register state
      * x86: force EFLAGS.IF on when exiting to PV guests
    - CVE-2016-10013 / XSA-204
      * x86/emul: Correct the handling of eflags with SYSCALL

 -- Stefan Bader <email address hidden> Wed, 11 Jan 2017 11:44:28 +0100

Source diff to previous version
CVE-2016-9386 x86 null segments not always treated as unusable
CVE-2016-9382 x86 task switch to VM86 mode mis-handled
CVE-2016-9383 x86 64-bit bit test instruction emulation broken
CVE-2016-9381 qemu incautious about shared ring processing
CVE-2016-9379 delimiter injection vulnerabilities in pygrub
CVE-2016-9380 delimiter injection vulnerabilities in pygrub
CVE-2016-9637 qemu ioport array overflow
CVE-2016-9932 x86 CMPXCHG8B emulation fails to ignore operand size override
CVE-2016-1002 Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 2
CVE-2016-1001 Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.57

Version: 4.1.6.1-0ubuntu0.12.04.12 2016-10-11 20:06:43 UTC

  xen (4.1.6.1-0ubuntu0.12.04.12) precise-security; urgency=low

  * Applying Xen Security Advisories:
    - CVE-2016-6258 / XSA-182
      * x86/pv: Remove unsafe bits from the mod_l?_entry() fastpath
    - CVE-2016-5403 / XSA-184
      * virtio: error out if guest exceeds virtqueue size
    - CVE-2016-7092 / XSA-185
      * x86/32on64: don't allow recursive page tables from L3
    - CVE-2016-7094 / XSA-187
      * x86/shadow: Avoid overflowing sh_ctxt->seg_reg[]
      * x86/segment: Bounds check accesses to emulation ctxt->seg_reg[]
    - CVE-2016-7777 / XSA-190
      * x86emul: honor guest CR0.TS and CR0.EM

 -- Stefan Bader <email address hidden> Thu, 06 Oct 2016 16:14:26 +0200

Source diff to previous version
CVE-2016-6258 The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveragi
CVE-2016-5403 The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QE
CVE-2016-7092 The get_page_from_l3e function in arch/x86/mm.c in Xen allows local 32-bit PV guest OS administrators to gain host OS privileges via vectors related
CVE-2016-7094 Buffer overflow in Xen 4.7.x and earlier allows local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of servi
CVE-2016-7777 Xen 4.7.x and earlier does not properly honor CR0.TS and CR0.EM, which allows local x86 HVM guest OS users to read or modify FPU, MMX, or XMM registe

Version: 4.1.6.1-0ubuntu0.12.04.11 2016-06-14 12:06:29 UTC

  xen (4.1.6.1-0ubuntu0.12.04.11) precise-security; urgency=low

  * Applying Xen Security Advisories:
    - CVE-2013-2212 / XSA-060
      * VMX: disable EPT when !cpu_has_vmx_pat
      * VMX: remove the problematic set_uc_mode logic
      * VMX: fix cr0.cd handling
    - CVE-2016-3158, CVE-2016-3159 / XSA-172
      * x86: fix information leak on AMD CPUs
    - CVE-2016-3960 / XSA-173
      * x86: limit GFNs to 32 bits for shadowed superpages.
      * x86/HVM: correct CPUID leaf 80000008 handling
    - CVE-2016-4480 / XSA-176
      * x86/mm: fully honor PS bits in guest page table walks
    - CVE-2016-3710 / XSA-179 (qemu traditional)
      * vga: fix banked access bounds checking
      * vga: add vbe_enabled() helper
      * vga: factor out vga register setup
      * vga: update vga register setup on vbe changes
      * vga: make sure vga register setup for vbe stays intact
    - CVE-2014-3672 / XSA-180 (qemu traditional)
      * main loop: Big hammer to fix logfile disk DoS in Xen setups

 -- Stefan Bader <email address hidden> Tue, 07 Jun 2016 20:01:06 +0200

Source diff to previous version
CVE-2013-2212 The vmx_set_uc_mode function in Xen 3.3 through 4.3, when disabling chaches, allows local HVM guests with access to memory mapped I/O regions to caus
CVE-2016-3158 The xrstor function in arch/x86/xstate.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, whic
CVE-2016-3159 The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, w
CVE-2016-3960 Integer overflow in the x86 shadow pagetable code in Xen allows local guest OS users to cause a denial of service (host crash) or possibly gain privi
CVE-2016-4480 The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen 4.6.x and earlier does not properly handle the Page Size (PS) page table entry bit
CVE-2016-3710 incorrect banked access bounds checking in vga module
CVE-2014-3672 The qemu implementation in libvirt before 1.3.0 and Xen allows local guest OS users to cause a denial of service (host disk consumption) by writing t

Version: 4.1.6.1-0ubuntu0.12.04.10 2016-02-25 16:07:07 UTC

  xen (4.1.6.1-0ubuntu0.12.04.10) precise-security; urgency=low

  * Applying Xen Security Advisories:
    - CVE-2016-2270 / XSA-154
      * x86: make get_page_from_l1e() return a proper error code
      * x86: make mod_l1_entry() return a proper error code
      * x86/mm: fix mod_l1_entry() return value when encountering r/o MMIO
        page
      * x86: enforce consistent cachability of MMIO mappings
    - CVE-2016-1570 / XSA-167
      * x86/mm: PV superpage handling lacks sanity checks
    - CVE-2016-1571 / XSA-168
      * x86/VMX: prevent INVVPID failure due to non-canonical guest address
    - CVE-2015-8615 / XSA-169
      * x86: make debug output consistent in hvm_set_callback_via
    - CVE-2016-2271 / XSA-170
      * x86/VMX: sanitize rIP before re-entering guest

 -- Stefan Bader <email address hidden> Thu, 25 Feb 2016 09:25:57 +0100

Source diff to previous version
CVE-2016-2270 Xen 4.6.x and earlier allows local guest administrators to cause a denial of service (host reboot) via vectors related to multiple mappings of MMIO p
CVE-2016-1570 The PV superpage functionality in arch/x86/mm.c in Xen 3.4.0, 3.4.1, and 4.1.x through 4.6.x allows local PV guests to obtain sensitive information,
CVE-2016-1571 The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x through 4.6.x, when using shadow mode paging or nested virtualization is enabled,
CVE-2015-8615 The hvm_set_callback_via function in arch/x86/hvm/irq.c in Xen 4.6 does not limit the number of printk console messages when logging the new callback
CVE-2016-2271 VMX in Xen 4.6.x and earlier, when using an Intel or Cyrix CPU, allows local HVM guest users to cause a denial of service (guest crash) via vectors r

Version: 4.1.6.1-0ubuntu0.12.04.8 2015-12-17 16:06:51 UTC

  xen (4.1.6.1-0ubuntu0.12.04.8) precise-security; urgency=low

  * Applying Xen Security Advisories:
    - CVE-2015-8550 / XSA-155
      * blkif: Avoid double access to src->nr_segments
      * xenfb: avoid reading twice the same fields from the shared page
      * xen: Add RING_COPY_REQUEST()
      * blktap2: Use RING_COPY_REQUEST
    - CVE-2015-8339, CVE-2015-8340 / XSA-159
      * memory: fix XENMEM_exchange error handling
    - CVE-2015-7504 / XSA-162
      * net: pcnet: add check to validate receive data size
    - CVE-2015-8554 / XSA-164
      * MSI-X: avoid array overrun upon MSI-X table writes
    - CVE-2015-8555 / XSA-165
      * x86: don't leak ST(n)/XMMn values to domains first using them
    - CVE-2015-???? / XSA-166
      * x86/HVM: avoid reading ioreq state more than once

 -- Stefan Bader Wed, 16 Dec 2015 18:27:20 +0100

CVE-2015-8550 paravirtualized drivers incautious about shared memory contents
CVE-2015-8339 XENMEM_exchange error handling issues
CVE-2015-8340 XENMEM_exchange error handling issues
CVE-2015-7504 net: pcnet: heap overflow vulnerability in loopback mode
CVE-2015-8554 qemu-dm buffer overrun in MSI-X handling
CVE-2015-8555 information leak in legacy x86 FPU/XMM initialization



About   -   Send Feedback to @ubuntu_updates