[SECURITY] [DSA 4131-1] xen security update

Debian Security Advisory DSA-4131-1 [email protected]
https://www.debian.org/security/ Moritz Muehlenhoff
March 04, 2018 https://www.debian.org/security/faq

Package : xen
CVE ID : CVE-2018-7540 CVE-2018-7541 CVE-2018-7542

Multiple vulnerabilities have been discovered in the Xen hypervisor:

CVE-2018-7540

Jann Horn discovered that missing checks in page table freeing may
result in denial of service.

CVE-2018-7541

Jan Beulich discovered that incorrect error handling in grant table
checks may result in guest-to-host denial of service and potentially
privilege escalation.

CVE-2018-7542

Ian Jackson discovered that insufficient handling of x86 PVH guests
without local APICs may result in guest-to-host denial of service.

For the stable distribution (stretch), these problems have been fixed in
version 4.8.3+comet2+shim4.10.0+comet3-1+deb9u5.

We recommend that you upgrade your xen packages.

For the detailed security status of xen please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/xen

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]