Debian Security Advisory
DSA-4236-1 xen -- security update
- Date Reported:
- 27 Jun 2018
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2018-12891, CVE-2018-12892, CVE-2018-12893.
- More information:
Multiple vulnerabilities have been discovered in the Xen hypervisor:
It was discovered that insufficient validation of PV MMU operations may result in denial of service.
It was discovered that libxl fails to honour the
readonlyflag on HVM-emulated SCSI disks.
It was discovered that incorrect implementation of debug exception checks could result in denial of service.
For the stable distribution (stretch), these problems have been fixed in version 4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u9.
We recommend that you upgrade your xen packages.
For the detailed security status of xen please refer to its security tracker page at: https://security-tracker.debian.org/tracker/xen