Bugs fixes in "xen"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2015-7970 | The p2m_pod_emergency_sweep function in arch/x86/mm/p2m-pod.c in Xen 3.4.x, 3.5.x, and 3.6.x is not preemptible, which allows local x86 HVM guest adm | 2017-03-16 |
| CVE | CVE-2015-7969 | Multiple memory leaks in Xen 4.0 through 4.6.x allow local guest administrators or domains with certain permission to cause a denial of service (memo | 2017-03-16 |
| CVE | CVE-2015-7835 | The mod_l2_entry function in arch/x86/mm.c in Xen 3.4 through 4.6.x does not properly validate level 2 page table entries, which allows local PV gues | 2017-03-16 |
| CVE | CVE-2015-7814 | Race condition in the relinquish_memory function in arch/arm/domain.c in Xen 4.6.x and earlier allows local domains with partial management control t | 2017-03-16 |
| CVE | CVE-2015-7813 | Xen 4.4.x, 4.5.x, and 4.6.x does not limit the number of printk console messages when reporting unimplemented hypercalls, which allows local guests t | 2017-03-16 |
| CVE | CVE-2015-7812 | arm: Host crash when preempting a multicall | 2017-03-16 |
| CVE | CVE-2016-7093 | Xen 4.5.3, 4.6.3, and 4.7.x allow local HVM guest OS administrators to overwrite hypervisor memory and consequently gain host OS privileges by levera | 2017-03-16 |
| CVE | CVE-2013-2076 | xen: Information leak on XSAVE/XRSTOR capable AMD CPUs | 2017-03-16 |
| Launchpad | 1671864 | Xen stable update to 4.6.5 | 2017-03-16 |
| CVE | CVE-2016-1001 | Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.57 | 2017-01-19 |
| CVE | CVE-2016-1002 | Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 2 | 2017-01-19 |
| CVE | CVE-2016-9932 | x86 CMPXCHG8B emulation fails to ignore operand size override | 2017-01-19 |
| CVE | CVE-2016-9380 | delimiter injection vulnerabilities in pygrub | 2017-01-19 |
| CVE | CVE-2016-9379 | delimiter injection vulnerabilities in pygrub | 2017-01-19 |
| CVE | CVE-2016-9378 | x86 software interrupt injection mis-handled | 2017-01-19 |
| CVE | CVE-2016-9377 | x86 software interrupt injection mis-handled | 2017-01-19 |
| CVE | CVE-2016-9383 | x86 64-bit bit test instruction emulation broken | 2017-01-19 |
| CVE | CVE-2016-9385 | x86 segment base write emulation lacking canonical address checks | 2017-01-19 |
| CVE | CVE-2016-9382 | x86 task switch to VM86 mode mis-handled | 2017-01-19 |
| CVE | CVE-2016-9386 | x86 null segments not always treated as unusable | 2017-01-19 |
About
-
Send Feedback to @ubuntu_updates
