Welcome to our website
To take full advantage of all features you need to login or register. Registration is completely free and takes only a few seconds.
Xen security update for Debian
Posted by Philipp Esselbach on: 11/06/2011 10:48 AM [ Print | 0 comment(s) ]
A Xen security update has been released for Debian GNU/Linux
- -------------------------------------------------------------------------
Debian Security Advisory DSA-2337-1 security@debian.org
http://www.debian.org/security/ Thijs Kinkhorst
November 6, 2011 http://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : xen
Vulnerability : several vulnerabilities
Problem type : local
Debian-specific: no
CVE ID : CVE-2011-1166 CVE-2011-1583 CVE-2011-1898 CVE-2011-3262
Several vulnerabilities were discovered in the Xen virtual machine
hypervisor.
CVE-2011-1166
A 64-bit guest can get one of its vCPU'ss into non-kernel
mode without first providing a valid non-kernel pagetable,
thereby locking up the host system.
CVE-2011-1583, CVE-2011-3262
Local users can cause a denial of service and possibly execute
arbitrary code via a crafted paravirtualised guest kernel image.
CVE-2011-1898
When using PCI passthrough on Intel VT-d chipsets that do not
have interrupt remapping, guest OS can users to gain host OS
privileges by writing to the interrupt injection registers.
The oldstable distribution (lenny) contains a different version of Xen
not affected by these problems.
For the stable distribution (squeeze), this problem has been fixed in
version 4.0.1-4.
For the testing (wheezy) and unstable distribution (sid), this problem
has been fixed in version 4.1.1-1.
We recommend that you upgrade your xen packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/
Debian Security Advisory DSA-2337-1 security@debian.org
http://www.debian.org/security/ Thijs Kinkhorst
November 6, 2011 http://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : xen
Vulnerability : several vulnerabilities
Problem type : local
Debian-specific: no
CVE ID : CVE-2011-1166 CVE-2011-1583 CVE-2011-1898 CVE-2011-3262
Several vulnerabilities were discovered in the Xen virtual machine
hypervisor.
CVE-2011-1166
A 64-bit guest can get one of its vCPU'ss into non-kernel
mode without first providing a valid non-kernel pagetable,
thereby locking up the host system.
CVE-2011-1583, CVE-2011-3262
Local users can cause a denial of service and possibly execute
arbitrary code via a crafted paravirtualised guest kernel image.
CVE-2011-1898
When using PCI passthrough on Intel VT-d chipsets that do not
have interrupt remapping, guest OS can users to gain host OS
privileges by writing to the interrupt injection registers.
The oldstable distribution (lenny) contains a different version of Xen
not affected by these problems.
For the stable distribution (squeeze), this problem has been fixed in
version 4.0.1-4.
For the testing (wheezy) and unstable distribution (sid), this problem
has been fixed in version 4.1.1-1.
We recommend that you upgrade your xen packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/
