exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Debian Security Advisory 3286-1

Debian Security Advisory 3286-1
Posted Jun 15, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3286-1 - Multiple security issues have been found in the Xen virtualisation solution.

tags | advisory
systems | linux, debian
advisories | CVE-2015-3209, CVE-2015-4103, CVE-2015-4104, CVE-2015-4105, CVE-2015-4106, CVE-2015-4163, CVE-2015-4164
SHA-256 | df4617fff922fb14aa9bb8c070aeda54fe27f17dd3749d173e00aec0f1557304

Debian Security Advisory 3286-1

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3286-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
June 13, 2015 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : xen
CVE ID : CVE-2015-3209 CVE-2015-4103 CVE-2015-4104 CVE-2015-4105
CVE-2015-4106 CVE-2015-4163 CVE-2015-4164

Multiple security issues have been found in the Xen virtualisation
solution:

CVE-2015-3209

Matt Tait discovered a flaw in the way QEMU's AMD PCnet Ethernet
emulation handles multi-TMD packets with a length above 4096 bytes.
A privileged guest user in a guest with an AMD PCNet ethernet card
enabled can potentially use this flaw to execute arbitrary code on
the host with the privileges of the hosting QEMU process.

CVE-2015-4103

Jan Beulich discovered that the QEMU Xen code does not properly
restrict write access to the host MSI message data field, allowing
a malicious guest to cause a denial of service.

CVE-2015-4104

Jan Beulich discovered that the QEMU Xen code does not properly
restrict access to PCI MSI mask bits, allowing a malicious guest to
cause a denial of service.

CVE-2015-4105

Jan Beulich reported that the QEMU Xen code enables logging for PCI
MSI-X pass-through error messages, allowing a malicious guest to
cause a denial of service.

CVE-2015-4106

Jan Beulich discovered that the QEMU Xen code does not properly restrict
write access to the PCI config space for certain PCI pass-through devices,
allowing a malicious guest to cause a denial of service, obtain sensitive
information or potentially execute arbitrary code.

CVE-2015-4163

Jan Beulich discovered that a missing version check in the
GNTTABOP_swap_grant_ref hypercall handler may result in denial of service.
This only applies to Debian stable/jessie.

CVE-2015-4164

Andrew Cooper discovered a vulnerability in the iret hypercall handler,
which may result in denial of service.

For the oldstable distribution (wheezy), these problems have been fixed
in version 4.1.4-3+deb7u8.

For the stable distribution (jessie), these problems have been fixed in
version 4.4.1-9+deb8u1. CVE-2015-3209, CVE-2015-4103, CVE-2015-4104,
CVE-2015-4105 and CVE-2015-4106 don't affect the Xen package in stable
jessie, it uses the standard qemu package and has already been fixed in
DSA-3284-1.

For the unstable distribution (sid), these problems will be fixed soon.

We recommend that you upgrade your xen packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJVfDmzAAoJEBDCk7bDfE42W3AP+QGuXuhGJ5FFSHK7UmCFPbrn
xsujh8hQKJHb7WFc7k/xdimHWRT2K6MJ6v29Zl+MNR2oLcO0ty28Xuyb+EIWwTbV
avuP2igg56delwp73P5ts3ZX4YFBCsonqCjIhSd3QCQkAIGL63x78n26OrDAVvba
2piJ2lJPAMhm4gBJvkWbKnQaIDaDN5qzckZwXfHgCYKhu/d0C2ZrD+RcMg+UTq6j
CFqWB/xaGMT6WILfiKPOMlKkNxH1rqaJ3Kou5q8i9T4QvZq9vU0KHhYWWecFo/KP
S1AH7Vp1UZPQbxVAYHq2mITvIr6RRRMZxJEpzG6wnlPV5G8cM6ZqR1a7nBQ9mhoB
lRWNs8zHvMpS2XxfXzgt/pV3jH1Pj+ELPWP+m4Kjy8g2xFaiW8y4LYq4AUv5+oDa
IBuJW+UNkEWIyrWqhzu0laT8EwTmS1JFt4est4bbNMU0O2Xdo6qB432XNwM804lo
lsii1eEXe0FKpFZVYKho1gLCHVxdWz3EPhZ5qHb8Gi5tnbElVY7aqtACBFXvKd6K
81+qOpiqGk8EMHkdmGBXpwJoMTIczBXxXD9RZazq1Ynr3yNcgtnsz7CVqJTUAb2a
Ot4yIf0E5kYAau+tyVQ+Y0ZRbUN3A1u+6gpJqLvTqF80pj1M8kt7DuXC/2lQXl4q
ngY7U6RlmLRNSaXd+xvR
=gL/x
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close