UbuntuUpdates.org

Bugs fixes in "xen"

Origin Bug number Title Date fixed
CVE CVE-2015-7970 The p2m_pod_emergency_sweep function in arch/x86/mm/p2m-pod.c in Xen 3.4.x, 3.5.x, and 3.6.x is not preemptible, which allows local x86 HVM guest adm 2017-03-16
CVE CVE-2015-7969 Multiple memory leaks in Xen 4.0 through 4.6.x allow local guest administrators or domains with certain permission to cause a denial of service (memo 2017-03-16
CVE CVE-2015-7835 The mod_l2_entry function in arch/x86/mm.c in Xen 3.4 through 4.6.x does not properly validate level 2 page table entries, which allows local PV gues 2017-03-16
CVE CVE-2015-7814 Race condition in the relinquish_memory function in arch/arm/domain.c in Xen 4.6.x and earlier allows local domains with partial management control t 2017-03-16
CVE CVE-2015-7813 Xen 4.4.x, 4.5.x, and 4.6.x does not limit the number of printk console messages when reporting unimplemented hypercalls, which allows local guests t 2017-03-16
CVE CVE-2015-7812 arm: Host crash when preempting a multicall 2017-03-16
CVE CVE-2016-7093 Xen 4.5.3, 4.6.3, and 4.7.x allow local HVM guest OS administrators to overwrite hypervisor memory and consequently gain host OS privileges by levera 2017-03-16
CVE CVE-2013-2076 xen: Information leak on XSAVE/XRSTOR capable AMD CPUs 2017-03-16
Launchpad 1671864 Xen stable update to 4.6.5 2017-03-16
CVE CVE-2016-1001 Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.57 2017-01-19
CVE CVE-2016-1002 Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 2 2017-01-19
CVE CVE-2016-9932 x86 CMPXCHG8B emulation fails to ignore operand size override 2017-01-19
CVE CVE-2016-9380 delimiter injection vulnerabilities in pygrub 2017-01-19
CVE CVE-2016-9379 delimiter injection vulnerabilities in pygrub 2017-01-19
CVE CVE-2016-9378 x86 software interrupt injection mis-handled 2017-01-19
CVE CVE-2016-9377 x86 software interrupt injection mis-handled 2017-01-19
CVE CVE-2016-9383 x86 64-bit bit test instruction emulation broken 2017-01-19
CVE CVE-2016-9385 x86 segment base write emulation lacking canonical address checks 2017-01-19
CVE CVE-2016-9382 x86 task switch to VM86 mode mis-handled 2017-01-19
CVE CVE-2016-9386 x86 null segments not always treated as unusable 2017-01-19



About   -   Send Feedback to @ubuntu_updates