xen 4.1.1-2ubuntu4.4 source package in Ubuntu

Changelog

xen (4.1.1-2ubuntu4.4) oneiric-security; urgency=low

  * SECURITY UPDATE: denial of service via IOMMU error handling
    - debian/patches/CVE-2011-3131.patch: disable bus-mastering on any card
      that causes an IOMMU fault in xen/drivers/passthrough/vtd/iommu.c,
      xen/drivers/passthrough/amd/iommu_init.c.
    - CVE-2011-3131
  * SECURITY UPDATE: denial of service via MMIO regions
    - debian/patches/CVE-2012-3432.patch: don't leave emulator in an
      inconsistent state in xen/arch/x86/hvm/io.c.
    - CVE-2012-3432
  * SECURITY UPDATE: denial of service via excessive shared page search
    time during the p2m teardown
    - debian/patches/CVE-2012-3433.patch: only check for shared pages while
      any exist on teardown in xen/arch/x86/mm/p2m.c.
    - CVE-2012-3433
  * SECURITY UPDATE: denial of service via DR7 reserved bits
    - debian/patches/CVE-2012-3494.patch: write upper 32 bits as zeros in
      xen/include/asm-x86/debugreg.h.
    - CVE-2012-3494
  * SECURITY UPDATE: denial of service and possible privilege escalation
    via physdev_get_free_pirq hypercall.
    - debian/patches/CVE-2012-3495.patch: handle out-of-pirq condition
      correctly in xen/arch/x86/physdev.c.
    - CVE-2012-3495
  * SECURITY UPDATE: denial of service via invalid flags
    - debian/patches/CVE-2012-3496.patch: Don't BUG_ON() PoD operations on
      a non-translated guest in xen/arch/x86/mm/p2m.c.
    - CVE-2012-3496
  * SECURITY UPDATE: denial of service and possibly hypervisor memory
    disclosure via PHYSDEVOP_map_pirq
    - debian/patches/CVE-2012-3498.patch: add validation before using in
      xen/arch/x86/physdev.c.
    - CVE-2012-3498
  * SECURITY UPDATE: privilege escalation via crafted escape VT100 sequence
    - debian/patches/CVE-2012-3515.patch: bounds check whenever changing
      the cursor due to an escape code in qemu/console.c.
    - CVE-2012-3515
  * SECURITY UPDATE: host info disclosure via qemu monitor
    - debian/patches/CVE-2012-4411.patch: disable qemu monitor by default
      in qemu/vl.c.
    - CVE-2012-4411
 -- Marc Deslauriers <email address hidden>   Tue, 11 Dec 2012 10:41:34 -0500

Upload details

Uploaded by: Marc Deslauriers
Uploaded to: Oneiric
Original maintainer: Ubuntu Developers
Architectures: any
Section: kernel
Urgency: Low Urgency

Downloads

File Size SHA-256 Checksum
xen_4.1.1.orig-qemu.tar.gz 3.0 MiB 3f7ca8173f969d6a510f0f0ddb413c79856d679ab3892ac3f00964ca7f3d0325
xen_4.1.1.orig.tar.gz 6.3 MiB 9a9ea519fa3f8a032df1e1c854fcae203ee1ef4485f7c2f506fa0ea6e735878f
xen_4.1.1-2ubuntu4.4.debian.tar.gz 74.2 KiB 2701b96f811d36931c11e4b5800f5f257c36478259a288769c6acb9c9cf4363a
xen_4.1.1-2ubuntu4.4.dsc 2.4 KiB 1ccfe7cf3fe245016dd9bbd231ea797423c5e960e3c51378f967bc05a8db98f6

Binary packages built by this source

libxen-dev
libxenstore3.0
xen-docs-4.1
xen-hypervisor-4.1-amd64
xen-hypervisor-4.1-i386
xen-utils-4.1
xenstore-utils