-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4131-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
March 04, 2018                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : xen
CVE ID         : CVE-2018-7540 CVE-2018-7541 CVE-2018-7542

Multiple vulnerabilities have been discovered in the Xen hypervisor:

CVE-2018-7540

    Jann Horn discovered that missing checks in page table freeing may
    result in denial of service.

CVE-2018-7541

    Jan Beulich discovered that incorrect error handling in grant table
    checks may result in guest-to-host denial of service and potentially
    privilege escalation.

CVE-2018-7542

    Ian Jackson discovered that insufficient handling of x86 PVH guests
    without local APICs may result in guest-to-host denial of service.

For the stable distribution (stretch), these problems have been fixed in
version 4.8.3+comet2+shim4.10.0+comet3-1+deb9u5.

We recommend that you upgrade your xen packages.

For the detailed security status of xen please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/xen

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlqbwwUACgkQEMKTtsN8
TjbKQhAAucrOjkc+fjAsBI3i8ereiItTX7C/dg0VATL4q62g6lAZPLVIDzu5cw5l
VkEK9hhyxg+yXStNUDeswIIoX7tdenMxmN6YK1rETsJrvOn8E+bny+6twX+j0zbb
T4uFXYQCinHnFbNxmWjWZi7NOOecCXpD7epG3D5KWYuTL1sYkTJ3yYADHpyUa1Zl
abAmuVFyjw9MZMYzmg7ZcJun4D9ydqLRkq6DwtXxwf8AGIWQ9zrebfSz+RyY9FsO
Onf/X1aoab8V48v22PrZBpLjPo+vJ07IfsIVRDm19ceBXKLWzwbjMYFisq7ypg8X
LnSQo5CCBAp+mKGySU71V8aqLC4H4KaD9vJQxtK1e1zxNXdU9N9qOVbn9Qit04xL
5QKvxO+cBh3qIZ4coVTgpQVuQe9oyskR/Dji0Au4SlZpV2weDj+KhNCfIWZKZhmW
TYJvKMmxRQWpbyKEhcGc9Glo2dlcXzZmfku4/9F/2OwRDQc6V5m6Vtfuk0U4goTO
UhoHZJJ/U2/BunMKMVPuEPq8w44QTxHVNVtZY3MtXeI4MFk1nlXqVlFcvxWFriD0
6JDha5EuyUPdE0mSLTbexntxY1Dt4QDUtPVJ+ypnxVruHL9HTnaVGC2PS3ocRnfc
tzQv/l9582ILDj25gp04hROTb+ExTXspnKhhD9zWjrCnWMJvWYw=
=pe4c
-----END PGP SIGNATURE-----