UbuntuUpdates.org

Package "xen"




Name: xen

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Transitional package for upgrade
  • Transitional package for upgrade
  • Xen Hypervisor on AMD64
  • Xen System on AMD64 (meta-package)

Latest version: *DELETED*
Release: xenial (16.04)
Level: proposed
Repository: universe

Links



Other versions of "xen" in Xenial

Repository Area Version
base main 4.6.0-1ubuntu4
base universe 4.6.0-1ubuntu4
security main 4.6.5-0ubuntu1.4
security universe 4.6.5-0ubuntu1.4
updates main 4.6.5-0ubuntu1.4
updates universe 4.6.5-0ubuntu1.4

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: *DELETED* 2017-03-24 12:07:05 UTC
No changelog for deleted or moved packages.

Version: 4.6.5-0ubuntu1 2017-03-20 09:06:44 UTC

  xen (4.6.5-0ubuntu1) xenial; urgency=medium

  * Rebasing to upstream stable release 4.6.5 (LP: #1671864)
    https://www.xenproject.org/downloads/xen-archives/xen-46-series.html
    - Includes fix for booting 4.10 Linux kernels in HVM guests on Intel
      hosts which support the TSC_ADJUST MSR (LP: #1671760)
    - Additional security relevant changes:
      * CVE-2013-2076 / XSA-052 (update)
        - Information leak on XSAVE/XRSTOR capable AMD CPUs
      * CVE-2016-7093 / XSA-186 (4.6.3 became vulnerable)
        - x86: Mishandling of instruction pointer truncation during emulation
      * XSA-207
        - memory leak when destroying guest without PT devices
    - Replacing the following security fixes with the versions from the
      stable update:
      * CVE-2015-7812 / XSA-145
        - arm: Host crash when preempting a multicall
      * CVE-2015-7813 / XSA-146
        - arm: various unimplemented hypercalls log without rate limiting
      * CVE-2015-7814 / XSA-147
        - arm: Race between domain destruction and memory allocation decrease
      * CVE-2015-7835 / XSA-148
        - x86: Uncontrolled creation of large page mappings by PV guests
      * CVE-2015-7969 / XSA-149, XSA-151
        - leak of main per-domain vcpu pointer array
        - x86: leak of per-domain profiling-related vcpu pointer array
      * CVE-2015-7970 / XSA-150
        - x86: Long latency populate-on-demand operation is not preemptible
      * CVE-2015-7971 / XSA-152
        - x86: some pmu and profiling hypercalls log without rate limiting
      * CVE-2015-7972 / XSA-153
        - x86: populate-on-demand balloon size inaccuracy can crash guests
      * CVE-2016-2270 / XSA-154
        - x86: inconsistent cachability flags on guest mappings
      * CVE-2015-8550 / XSA-155
        - paravirtualized drivers incautious about shared memory contents
      * CVE-2015-5307, CVE-2015-8104 / XSA-156
        - x86: CPU lockup during exception delivery
      * CVE-2015-8338 / XSA-158
        - long running memory operations on ARM
      * CVE-2015-8339, CVE-2015-8340 / XSA-159
        XENMEM_exchange error handling issues
      * CVE-2015-8341 / XSA-160
        - libxl leak of pv kernel and initrd on error
      * CVE-2015-8555 / XSA-165
        - information leak in legacy x86 FPU/XMM initialization
      * XSA-166
        - ioreq handling possibly susceptible to multiple read issue
      * CVE-2016-1570 / XSA-167
        - PV superpage functionality missing sanity checks
      * CVE-2016-1571 / XSA-168
        - VMX: intercept issue with INVLPG on non-canonical address
      * CVE-2015-8615 / XSA-169
        - x86: unintentional logging upon guest changing callback method
      * CVE-2016-2271 / XSA-170
        - VMX: guest user mode may crash guest with non-canonical RIP
      * CVE-2016-3158, CVE-2016-3159 / XSA-172
        - broken AMD FPU FIP/FDP/FOP leak workaround
      * CVE-2016-3960 / XSA-173
        - x86 shadow pagetables: address width overflow
      * CVE-2016-4962 / XSA-175
        - Unsanitised guest input in libxl device handling code
      * CVE-2016-4480 / XSA-176
        - x86 software guest page walk PS bit handling flaw
      * CVE-2016-4963 / XSA-178
        - Unsanitised driver domain input in libxl device handling
      * CVE-2016-5242 / XSA-181
        - arm: Host crash caused by VMID exhaustion
      * CVE-2016-6258 / XSA-182
        - x86: Privilege escalation in PV guests
      * CVE-2016-6259 / XSA-183
        - x86: Missing SMAP whitelisting in 32-bit exception / event delivery
      * CVE-2016-7092 / XSA-185
        - x86: Disallow L3 recursive pagetable for 32-bit PV guests
      * CVE-2016-7094 / XSA-187
        - x86 HVM: Overflow of sh_ctxt->seg_reg[]
      * CVE-2016-7777 / XSA-190
        - CR0.TS and CR0.EM not always honored for x86 HVM guests
      * CVE-2016-9386 / XSA-191
        - x86 null segments not always treated as unusable
      * CVE-2016-9382 / XSA-192
        - x86 task switch to VM86 mode mis-handled
      * CVE-2016-9385 / XSA-193
        - x86 segment base write emulation lacking canonical address checks
      * CVE-2016-9383 / XSA-195
        - x86 64-bit bit test instruction emulation broken
      * CVE-2016-9377, CVE-2016-9378 / XSA-196
        - x86 software interrupt injection mis-handled
      * CVE-2016-9379, CVE-2016-9380 / XSA-198
        - delimiter injection vulnerabilities in pygrub
      * CVE-2016-9932 / XSA-200
        - x86 CMPXCHG8B emulation fails to ignore operand size override
      * CVE-2016-9815, CVE-2016-9816, CVE-2016-9817, CVE-2016-9818 / XSA-201
        - ARM guests may induce host asynchronous abort
      * CVE-2016-10024 / XSA-202
        - x86 PV guests may be able to mask interrupts
      * CVE-2016-10025 / XSA-203
        - x86: missing NULL pointer check in VMFUNC emulation
      * CVE-2016-10013 / XSA-204
        - x86: Mishandling of SYSCALL singlestep during emulation

 -- Stefan Bader <email address hidden> Tue, 14 Mar 2017 16:08:39 +0100

1671864 Xen stable update to 4.6.5
CVE-2013-2076 xen: Information leak on XSAVE/XRSTOR capable AMD CPUs
CVE-2016-7093 Xen 4.5.3, 4.6.3, and 4.7.x allow local HVM guest OS administrators to overwrite hypervisor memory and consequently gain host OS privileges by levera
CVE-2015-7812 arm: Host crash when preempting a multicall
CVE-2015-7813 Xen 4.4.x, 4.5.x, and 4.6.x does not limit the number of printk console messages when reporting unimplemented hypercalls, which allows local guests t
CVE-2015-7814 Race condition in the relinquish_memory function in arch/arm/domain.c in Xen 4.6.x and earlier allows local domains with partial management control t
CVE-2015-7835 The mod_l2_entry function in arch/x86/mm.c in Xen 3.4 through 4.6.x does not properly validate level 2 page table entries, which allows local PV gues
CVE-2015-7969 Multiple memory leaks in Xen 4.0 through 4.6.x allow local guest administrators or domains with certain permission to cause a denial of service (memo
CVE-2015-7970 The p2m_pod_emergency_sweep function in arch/x86/mm/p2m-pod.c in Xen 3.4.x, 3.5.x, and 3.6.x is not preemptible, which allows local x86 HVM guest adm
CVE-2015-7971 Xen 3.2.x through 4.6.x does not limit the number of printk console messages when logging certain pmu and profiling hypercalls, which allows local gu
CVE-2015-7972 The (1) libxl_set_memory_target function in tools/libxl/libxl.c and (2) libxl__build_post function in tools/libxl/libxl_dom.c in Xen 3.4.x through 4.
CVE-2016-2270 Xen 4.6.x and earlier allows local guest administrators to cause a denial of service (host reboot) via vectors related to multiple mappings of MMIO p
CVE-2015-8550 paravirtualized drivers incautious about shared memory contents
CVE-2015-5307 RESERVED
CVE-2015-8104 The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic o
CVE-2015-8338 long running memory operations on ARM
CVE-2015-8339 XENMEM_exchange error handling issues
CVE-2015-8340 XENMEM_exchange error handling issues
CVE-2015-8341 libxl leak of pv kernel and initrd on error
CVE-2015-8555 information leak in legacy x86 FPU/XMM initialization
CVE-2016-1570 The PV superpage functionality in arch/x86/mm.c in Xen 3.4.0, 3.4.1, and 4.1.x through 4.6.x allows local PV guests to obtain sensitive information,
CVE-2016-1571 The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x through 4.6.x, when using shadow mode paging or nested virtualization is enabled,
CVE-2015-8615 The hvm_set_callback_via function in arch/x86/hvm/irq.c in Xen 4.6 does not limit the number of printk console messages when logging the new callback
CVE-2016-2271 VMX in Xen 4.6.x and earlier, when using an Intel or Cyrix CPU, allows local HVM guest users to cause a denial of service (guest crash) via vectors r
CVE-2016-3158 The xrstor function in arch/x86/xstate.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, whic
CVE-2016-3159 The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, w
CVE-2016-3960 Integer overflow in the x86 shadow pagetable code in Xen allows local guest OS users to cause a denial of service (host crash) or possibly gain privi
CVE-2016-4962 The libxl device-handling in Xen 4.6.x and earlier allows local OS guest administrators to cause a denial of service (resource consumption or managem
CVE-2016-4480 The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen 4.6.x and earlier does not properly handle the Page Size (PS) page table entry bit
CVE-2016-4963 The libxl device-handling in Xen through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (management
CVE-2016-5242 The p2m_teardown function in arch/arm/p2m.c in Xen 4.4.x through 4.6.x allows local guest OS users with access to the driver domain to cause a denial
CVE-2016-6258 The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveragi
CVE-2016-6259 Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allows l
CVE-2016-7092 The get_page_from_l3e function in arch/x86/mm.c in Xen allows local 32-bit PV guest OS administrators to gain host OS privileges via vectors related
CVE-2016-7094 Buffer overflow in Xen 4.7.x and earlier allows local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of servi
CVE-2016-7777 Xen 4.7.x and earlier does not properly honor CR0.TS and CR0.EM, which allows local x86 HVM guest OS users to read or modify FPU, MMX, or XMM registe
CVE-2016-9386 x86 null segments not always treated as unusable
CVE-2016-9382 x86 task switch to VM86 mode mis-handled
CVE-2016-9385 x86 segment base write emulation lacking canonical address checks
CVE-2016-9383 x86 64-bit bit test instruction emulation broken
CVE-2016-9377 x86 software interrupt injection mis-handled
CVE-2016-9378 x86 software interrupt injection mis-handled
CVE-2016-9379 delimiter injection vulnerabilities in pygrub
CVE-2016-9380 delimiter injection vulnerabilities in pygrub
CVE-2016-9932 x86 CMPXCHG8B emulation fails to ignore operand size override
CVE-2016-9815 Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host panic) by sending an asynchronous abort.
CVE-2016-9816 Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving an asynchronous abort while at EL2.
CVE-2016-9817 Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving a (1) data or (2) prefetch abort wi
CVE-2016-9818 Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving an asynchronous abort while at HYP.
CVE-2016-1002 Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 2
CVE-2016-1001 Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.57



About   -   Send Feedback to @ubuntu_updates