Debian Security Advisory 4236-1

Debian Security Advisory 4236-1: Posted Jun 29, 2018; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4236-1 - Multiple vulnerabilities have been discovered in the Xen hypervisor.; tags | advisory, vulnerability; systems | linux, debian; advisories | CVE-2018-12891, CVE-2018-12892, CVE-2018-12893; SHA-256 | bc38a7c7dcdcd73bd1df565a0d7810fd50d34a4eb9c6c879d0393737aeb23585; Download | Favorite | View

Debian Security Advisory 4236-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4236-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
June 27, 2018                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : xen
CVE ID         : CVE-2018-12891 CVE-2018-12892 CVE-2018-12893

Multiple vulnerabilities have been discovered in the Xen hypervisor:

CVE-2018-12891

    It was discovered that insufficient validation of PV MMU operations
    may result in denial of service.

CVE-2018-12892

    It was discovered that libxl fails to honour the 'readonly' flag on
    HVM-emulated SCSI disks.
    
CVE-2018-12893

    It was discovered that incorrect implementation of debug exception
    checks could result in denial of service.

For the stable distribution (stretch), these problems have been fixed in
version 4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u9.

We recommend that you upgrade your xen packages.

For the detailed security status of xen please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/xen

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlsz/0cACgkQEMKTtsN8
TjYb8g//dg5mvwFAVUlUL3x83h+malQf4qXiaoHRiorREYkmndCmKLR0gsiSy1yf
rffQ2lxTnMVEN/pcEwlFDTT3kPvXWS/sKB+8d7wihLOQ/yc+R1lchZz9rLs1wlf6
STOCVSRscSRSLa5HkRSM8peNrE9WgoL9JXQO0dZ6LNGutm+9r2xjVTd/tU+Z+xsd
ZSp356iITderx0Sb8ii3UYO+nNW9itJBct3MAdmlQ6jJ6pJrYnpO1l8AE+QKapzk
70zav49qx6QS40HRz7OzJaEWH74VITIRfggxtvCoQFEnrQtkQ48ImMiEToaegtZS
DvJTsCY8YqQ9DLsINoLEwQkHelIl4w9mzH7681/meAZUJjeq80+aVhAFdovFevJ3
jceytwFskKe5qCKqLesFiXwG+sDDbqfpJSKP8xgCL5ltoPO+7aMjkCQwRfyVMEFy
ugA9oOYSWbJz5LEs0bhOgmldxgzs+u0yK8hhEQntTXQSMkldL1l6RVzzNZ2WTJZZ
UakldERJdbRGVOuzBOEV5GeyRnUtcfBvw7NIIYlcIswcp+h0pSRP5YWCUaEJ2TuB
JvKSbNidQxnoguOkuKVmWdO6fZI9oPaIVc5r9nKia017nh/fqLlgy3OC0d9/9Ppm
CYQ9plmmS7cs8Keyb7/cp2fouRhJXMMOYvCNvYU2R3UBro9TUm0=
=JIlu
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 234 files
indoushka 93 files
Ubuntu 87 files
Gentoo 36 files
Jasper Nota 25 files
Debian 21 files
Willem Westerhof 19 files
Jim Blankendaal 11 files
Apple 9 files
Martijn Baalman 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,099)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,567)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,756)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,521)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,747)
UNIX (9,436)
UnixWare (187)
Windows (6,674)
Other

Debian Security Advisory 4236-1

Debian Security Advisory 4236-1

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 4236-1

Share This

Debian Security Advisory 4236-1

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems