Lucene search

K
debianDebianDEBIAN:60A80CD80DDAA69C1BCCE7A3E68DBFD6:009D1
HistoryDec 15, 2008 - 12:38 p.m.

[Backports-security-announce] Security Update for xen-3

2008-12-1512:38:44
lists.debian.org
7

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

26.4%

Frederik Schüler uploaded new packages for xen-3 which fixed the
following security problems:

CVE-2008-0928, Debian Bug #469649, #469654, #469662, #469666

Qemu 0.9.1 and earlier does not perform range checks for block device
read or write requests, which allows guest host users with root
privileges to access arbitrary memory and escape the virtual machine.

CVE-2008-1943, Debian Bug #487095, #487097

Buffer overflow in the backend of XenSource Xen Para Virtualized Frame
Buffer (PVFB) 3.0 through 3.1.2 allows local users to cause a denial
of service (crash) and possibly execute arbitrary code via a crafted
description of a shared framebuffer.

CVE-2008-1944, Debian Bug #487095, #487097

Buffer overflow in the backend framebuffer of XenSource Xen
Para-Virtualized Framebuffer (PVFB) Message 3.0 through 3.0.3 allows
local users to cause a denial of service (SDL crash) and possibly
execute arbitrary code via "bogus screen updates," related to missing
validation of the "format of messages."

CVE-2008-1952, Debian Bug #487095

The backend for XenSource Xen Para Virtualized Frame Buffer (PVFB) in
Xen ioemu does not properly restrict the frame buffer size, which
allows attackers to cause a denial of service (crash) by mapping an
arbitrary amount of guest memory.

For the etch-backports distribution the problems have been fixed in
version 3.2.1-2~bpo4+1.

For the lenny and sid distributions the problems have been fixed in
version 3.2.1-2.

Upgrade instructions

If you don't use pinning (see [1]) you have to update the packages
manually via "apt-get -t etch-backports install <packagelist>" with the
packagelist of your installed packages affected by this update.
[1] <http://backports.org/dokuwiki/doku.php?id=instructions&gt;

We recommend to pin the backports repository to 200 so that new versions
of installed backports will be installed automatically:

Package: *
Pin: release a=etch-backports
Pin-Priority: 200
Attachment:
signature.asc
Description: Digital signature

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

26.4%