Bugs fixes in "xen"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2015-7835 | The mod_l2_entry function in arch/x86/mm.c in Xen 3.4 through 4.6.x does not properly validate level 2 page table entries, which allows local PV gues | 2017-03-23 |
| CVE | CVE-2015-7814 | Race condition in the relinquish_memory function in arch/arm/domain.c in Xen 4.6.x and earlier allows local domains with partial management control t | 2017-03-23 |
| CVE | CVE-2015-7813 | Xen 4.4.x, 4.5.x, and 4.6.x does not limit the number of printk console messages when reporting unimplemented hypercalls, which allows local guests t | 2017-03-23 |
| CVE | CVE-2015-7812 | arm: Host crash when preempting a multicall | 2017-03-23 |
| CVE | CVE-2016-7093 | Xen 4.5.3, 4.6.3, and 4.7.x allow local HVM guest OS administrators to overwrite hypervisor memory and consequently gain host OS privileges by levera | 2017-03-23 |
| CVE | CVE-2013-2076 | xen: Information leak on XSAVE/XRSTOR capable AMD CPUs | 2017-03-23 |
| Launchpad | 1671864 | Xen stable update to 4.6.5 | 2017-03-23 |
| CVE | CVE-2016-1001 | Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.57 | 2017-03-20 |
| CVE | CVE-2016-1002 | Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 2 | 2017-03-20 |
| CVE | CVE-2016-9818 | Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving an asynchronous abort while at HYP. | 2017-03-20 |
| CVE | CVE-2016-9817 | Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving a (1) data or (2) prefetch abort wi | 2017-03-20 |
| CVE | CVE-2016-9816 | Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving an asynchronous abort while at EL2. | 2017-03-20 |
| CVE | CVE-2016-9815 | Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host panic) by sending an asynchronous abort. | 2017-03-20 |
| CVE | CVE-2016-9932 | x86 CMPXCHG8B emulation fails to ignore operand size override | 2017-03-20 |
| CVE | CVE-2016-9380 | delimiter injection vulnerabilities in pygrub | 2017-03-20 |
| CVE | CVE-2016-9379 | delimiter injection vulnerabilities in pygrub | 2017-03-20 |
| CVE | CVE-2016-9378 | x86 software interrupt injection mis-handled | 2017-03-20 |
| CVE | CVE-2016-9377 | x86 software interrupt injection mis-handled | 2017-03-20 |
| CVE | CVE-2016-9383 | x86 64-bit bit test instruction emulation broken | 2017-03-20 |
| CVE | CVE-2016-9385 | x86 segment base write emulation lacking canonical address checks | 2017-03-20 |
About
-
Send Feedback to @ubuntu_updates
