There''s few CVE for Xen, are we affected, and are fixes planned for Lenny, Squeeze and Unstable? * A denial of service (Host Crash) in the XEN hypervisor. (CVE-2011-2901) * A bug was found in the way Xen handles CPUID instruction emulation during VM exits. An unprivileged guest user can potentially use this flaw to crash the guest. (CVE-2011-1936) * A 64-bit guest can get one of its vcpus into non-kernel mode without first providing a valid non-kernel pagetable. The observed failure mode was usually a hard lockup of the host (host denial of service). (CVE-2011-1166) Cheers, Thomas
On Thu, Sep 22, 2011 at 04:40:32PM +0800, Thomas Goirand wrote:> * A denial of service (Host Crash) in the XEN > hypervisor. (CVE-2011-2901) > * A bug was found in the way Xen handles CPUID > instruction emulation during VM exits. An unprivileged > guest user can potentially use this flaw to crash the > guest. (CVE-2011-1936)Not taken yet.> * A 64-bit guest can get one of its vcpus into > non-kernel mode without first providing a valid non-kernel > pagetable. The observed failure mode was usually a hard > lockup of the host (host denial of service). (CVE-2011-1166)In the security queue since four months. Bastian -- You can't evaluate a man by logic alone. -- McCoy, "I, Mudd", stardate 4513.3
Possibly Parallel Threads
- Bug#602378: xen-hypervisor-4.0-amd64: Live migration of Guests crashes and reboots
- Bug#784011: xen: CVE-2015-3340: Information leak through XEN_DOMCTL_gettscinfo (XSA-132)
- debian xen 4.1 and 3.8.x kernel (from experimental)
- PV-GRUB - Does not read partition-less disk
- New files and directories