-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory XSA-113
Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling
ISSUE DESCRIPTION
=
An error handling path in the processing of MMU_MACHPHYS_UPDATE failed
to drop a page
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2014-8866 / XSA-111
version 3
Excessive checking in compatibility mode hypercall argument translation
UPDATES IN VERSION 3
Public release.
ISSUE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2014-8867 / XSA-112
version 5
Insufficient bounding of REP MOVS to MMIO emulated inside the hypervisor
UPDATES IN VERSION 5
Public release.
ISSUE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2014-9065,CVE-2014-9066 / XSA-114
version 3
p2m lock starvation
UPDATES IN VERSION 3
Public release.
ISSUE DESCRIPTION
=
The
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-0268 / XSA-117
version 2
arm: vgic-v2: GICD_SGIR is not properly emulated
UPDATES IN VERSION 2
CVE assigned.
Mention CVE and XSA numbers in
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-2150 / XSA-120
version 4
Non-maskable interrupts triggerable by guests
UPDATES IN VERSION 4
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-2151 / XSA-123
version 4
Hypervisor memory corruption due to x86 emulator flaw
UPDATES IN VERSION 4
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory XSA-124
version 2
Non-standard PCI device functionality may render pass-through insecure
UPDATES IN VERSION 2
Clarify scope. PCI config space backdoors
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-2152 / XSA-119
version 3
HVM qemu unexpectedly enabling emulated VGA graphics backends
UPDATES IN VERSION 3
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2014-3969 / XSA-98
version 4
insufficient permissions checks accessing guest memory on ARM
UPDATES IN VERSION 4
Supply an additional patch for arm64.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2014-3969 / XSA-98
version 5
insufficient permissions checks accessing guest memory on ARM
UPDATES IN VERSION 5
The issue described in update 4 also
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-2752 / XSA-125
version 3
Long latency MMIO mapping operations are not preemptible
UPDATES IN VERSION 3
CVE assigned.
Public release.
ISSUE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-2756 / XSA-126
version 3
Unmediated PCI command register access in qemu
UPDATES IN VERSION 3
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-2150 / XSA-120
version 5
Non-maskable interrupts triggerable by guests
UPDATES IN VERSION 5
The original patches were incomplete: although
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-1563 / XSA-118
version 2
arm: vgic: incorrect rate limiting of guest triggered logging
UPDATES IN VERSION 2
CVE assigned.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-3340 / XSA-132
version 2
Information leak through XEN_DOMCTL_gettscinfo
UPDATES IN VERSION 2
CVE assigned.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-3456 / XSA-133
version 2
Privilege escalation via emulated floppy disk drive
UPDATES IN VERSION 2
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-3209 / XSA-135
version 3
Heap overflow in QEMU PCNET controller, allowing guest-host escape
UPDATES IN VERSION 3
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-4163 / XSA-134
version 3
GNTTABOP_swap_grant_ref operation misbehavior
UPDATES IN VERSION 3
Public release.
Added email header syntax to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-4164 / XSA-136
version 3
vulnerability in the iret hypercall handler
UPDATES IN VERSION 3
Public release.
Added email header syntax to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-4105 / XSA-130
version 2
Guest triggerable qemu MSI-X pass-through error messages
UPDATES IN VERSION 2
Public release.
CVE assigned.
ISSUE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-4106 / XSA-131
version 3
Unmediated PCI register access in qemu
UPDATES IN VERSION 3
Public release.
CVE assigned.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-4104 / XSA-129
version 2
PCI MSI mask bits inadvertently exposed to guests
UPDATES IN VERSION 2
Public release.
CVE assigned.
ISSUE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-4103 / XSA-128
version 2
Potential unintended writes to host MSI message data field via qemu
UPDATES IN VERSION 2
Public release.
CVE assigned.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-5165 / XSA-140
version 2
QEMU leak of uninitialized heap memory in rtl8139 device model
UPDATES IN VERSION 2
CVE assigned.
Public release.
Updated
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-5166 / XSA-139
version 2
Use after free in QEMU/Xen block unplug protocol
UPDATES IN VERSION 2
CVE assigned.
Public release.
Updated status
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-5154 / XSA-138
version 2
QEMU heap overflow flaw while processing certain ATAPI commands.
UPDATES IN VERSION 2
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-7835 / XSA-148
version 4
x86: Uncontrolled creation of large page mappings by PV guests
UPDATES IN VERSION 4
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-7969 / XSA-149
version 3
leak of main per-domain vcpu pointer array
UPDATES IN VERSION 3
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-7970 / XSA-150
version 5
x86: Long latency populate-on-demand operation is not preemptible
UPDATES IN VERSION 5
Updated patch. Compared to the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-7971 / XSA-152
version 3
x86: some pmu and profiling hypercalls log without rate limiting
UPDATES IN VERSION 3
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-7812 / XSA-145
version 3
arm: Host crash when preempting a multicall
UPDATES IN VERSION 3
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-7813 / XSA-146
version 3
arm: various unimplemented hypercalls log without rate limiting
UPDATES IN VERSION 3
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-7972 / XSA-153
version 3
x86: populate-on-demand balloon size inaccuracy can crash guests
UPDATES IN VERSION 3
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-7969 / XSA-151
version 3
x86: leak of per-domain profiling-related vcpu pointer array
UPDATES IN VERSION 3
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-5307,CVE-2015-8104 / XSA-156
version 2
x86: CPU lockup during exception delivery
UPDATES IN VERSION 2
Minor title and text adjustment.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-3259 / XSA-137
version 3
xl command line config handling stack overflow
UPDATES IN VERSION 3
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-6654 / XSA-141
version 3
printk is not rate-limited in xenmem_add_to_physmap_one
UPDATES IN VERSION 3
Public release.
ISSUE DESCRIPTION
* DRAFT DRAFT DRAFT *
Xen Security Advisory XSA-142
libxl fails to honour readonly flag on disks with qemu-xen
ISSUE DESCRIPTION
=
Callers of libxl can specify that a disk should be read-only to the
guest. However, there is no code in libxl
* DRAFT DRAFT DRAFT *
Xen Security Advisory XSA-142
libxl fails to honour readonly flag on disks with qemu-xen
ISSUE DESCRIPTION
=
Callers of libxl can specify that a disk should be read-only to the
guest. However, there is no code in libxl
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory XSA-142
libxl fails to honour readonly flag on disks with qemu-xen
ISSUE DESCRIPTION
=
Callers of libxl can specify that a disk should be read-only to the
guest. However, there is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-7311 / XSA-142
version 2
libxl fails to honour readonly flag on disks with qemu-xen
UPDATES IN VERSION 2
CVE assigned.
ISSUE DESCRIPTION
* DRAFT DRAFT DRAFT *
Xen Security Advisory XSA-142
libxl fails to honour readonly flag on disks with qemu-xen
ISSUE DESCRIPTION
=
Callers of libxl can specify that a disk should be read-only to the
guest. However, there is no code in libxl
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-8341 / XSA-160
version 3
libxl leak of pv kernel and initrd on error
UPDATES IN VERSION 3
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-8339,CVE-2015-8340 / XSA-159
version 4
XENMEM_exchange error handling issues
UPDATES IN VERSION 4
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-8338 / XSA-158
version 3
long running memory operations on ARM
UPDATES IN VERSION 3
Public release.
ISSUE DESCRIPTION
=
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-8554 / XSA-164
version 3
qemu-dm buffer overrun in MSI-X handling
UPDATES IN VERSION 3
Public release.
ISSUE DESCRIPTION
=
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-8555 / XSA-165
version 3
information leak in legacy x86 FPU/XMM initialization
UPDATES IN VERSION 3
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-8550 / XSA-155
version 6
paravirtualized drivers incautious about shared memory contents
UPDATES IN VERSION 6
Correct CREDITS section.
ISSUE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory XSA-166
version 2
ioreq handling possibly susceptible to multiple read issue
UPDATES IN VERSION 2
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-8551,CVE-2015-8552 / XSA-157
version 3
Linux pciback missing sanity checks leading to crash
UPDATES IN VERSION 3
Removed CVE-2015-8553 from the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-8550 / XSA-155
version 5
paravirtualized drivers incautious about shared memory contents
UPDATES IN VERSION 5
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-8338 / XSA-158
version 4
long running memory operations on ARM
UPDATES IN VERSION 4
Mention that the original patches had two problems,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-8615 / XSA-169
version 2
x86: unintentional logging upon guest changing callback method
UPDATES IN VERSION 2
CVE assigned.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory XSA-169
x86: unintentional logging upon guest changing callback method
ISSUE DESCRIPTION
=
HYPERVISOR_hvm_op sub-op HVMOP_set_param's HVM_PARAM_CALLBACK_IRQ
operation intends to log the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory XSA-161
version 2
WITHDRAWN: missing XSETBV intercept privilege check on AMD SVM
UPDATES IN VERSION 2
Upon further inspection the necessary privilege
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory XSA-163
virtual PMU is unsupported
ISSUE DESCRIPTION
=
The Virtual Performance Measurement Unit feature has been documented
as unsupported, so far only on Intel CPUs.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2015-7504 / XSA-162
version 2
heap buffer overflow vulnerability in pcnet emulator
UPDATES IN VERSION 2
Public release.
Correct cut and paste
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2016-5242 / XSA-181
version 2
arm: Host crash caused by VMID exhaustion
UPDATES IN VERSION 2
CVE assigned.
ISSUE DESCRIPTION
=
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2016-4963 / XSA-178
version 4
Unsanitised driver domain input in libxl device handling
UPDATES IN VERSION 4
Clarify that issue goes back as far as
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory XSA-181
arm: Host crash caused by VMID exhaustion
ISSUE DESCRIPTION
=
VMIDs are a finite hardware resource, and allocated as part of domain
creation. If no free VMIDs are
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2016-4963 / XSA-178
version 3
Unsanitised driver domain input in libxl device handling
UPDATES IN VERSION 3
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2016-1570 / XSA-167
version 4
PV superpage functionality missing sanity checks
UPDATES IN VERSION 4
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2016-1571 / XSA-168
version 3
VMX: intercept issue with INVLPG on non-canonical address
UPDATES IN VERSION 3
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2016-2271 / XSA-170
version 3
VMX: guest user mode may crash guest with non-canonical RIP
UPDATES IN VERSION 3
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2016-2270 / XSA-154
version 3
x86: inconsistent cachability flags on guest mappings
UPDATES IN VERSION 3
Clarify cumbersome Resolution wording.
The
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2016-3157 / XSA-171
version 4
I/O port access privilege escalation in x86-64 Linux
UPDATES IN VERSION 4
Clarify Vulnerable Systems section.
Public
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2016-3158,CVE-2016-3159 / XSA-172
version 3
broken AMD FPU FIP/FDP/FOP leak workaround
UPDATES IN VERSION 3
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2014-3672 / XSA-180
Unrestricted qemu logging
ISSUE DESCRIPTION
=
When the libxl toolstack launches qemu for HVM guests, it pipes the
output of stderr to a file in
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2016-4480 / XSA-176
version 3
x86 software guest page walk PS bit handling flaw
UPDATES IN VERSION 3
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2016-3710,CVE-2016-3712 / XSA-179
version 5
QEMU: Banked access to VGA memory (VBE) uses inconsistent bounds checks
UPDATES IN VERSION 5
Fixed credits section.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2016-3960 / XSA-173
version 3
x86 shadow pagetables: address width overflow
UPDATES IN VERSION 3
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2016-3961 / XSA-174
version 3
hugetlbfs use may crash PV Linux guests
UPDATES IN VERSION 3
Public release.
ISSUE DESCRIPTION
=
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2016-3710,CVE-2016-3712 / XSA-179
version 4
QEMU: Banked access to VGA memory (VBE) uses inconsistent bounds checks
UPDATES IN VERSION 4
Public release. Also
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2016-6258 / XSA-182
version 3
x86: Privilege escalation in PV guests
UPDATES IN VERSION 3
Public release.
ISSUE DESCRIPTION
=
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2016-6259 / XSA-183
version 5
x86: Missing SMAP whitelisting in 32-bit exception / event delivery
UPDATES IN VERSION 5
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2016-5403 / XSA-184
version 2
virtio: unbounded memory allocation issue
UPDATES IN VERSION 2
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2017-2620 / XSA-209
version 3
cirrus_bitblt_cputovideo does not check if memory region is safe
UPDATES IN VERSION 3
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory XSA-210
arm: memory corruption when freeing p2m pages
ISSUE DESCRIPTION
=
When freeing pages used for stage-2 page tables, the freeing routine
failed to remove these pages from
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2017-2620 / XSA-209
version 4
cirrus_bitblt_cputovideo does not check if memory region is safe
UPDATES IN VERSION 4
Include a prerequisite patch for
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory XSA-207
version 2
memory leak when destroying guest without PT devices
UPDATES IN VERSION 2
Public release.
ISSUE DESCRIPTION
=
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2017-2615 / XSA-208
version 2
oob access in cirrus bitblt copy
UPDATES IN VERSION 2
Included backport for qemu-xen versions 4.7 (and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2017-2615 / XSA-208
oob access in cirrus bitblt copy
ISSUE DESCRIPTION
=
When doing bitblt copy backwards, qemu should negate the blit width.
This avoids an oob access before
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2016-7094 / XSA-187
version 3
x86 HVM: Overflow of sh_ctxt->seg_reg[]
UPDATES IN VERSION 3
Fix the backports xsa187-4.6-0002-*.patch and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2016-7092 / XSA-185
version 3
x86: Disallow L3 recursive pagetable for 32-bit PV guests
UPDATES IN VERSION 3
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2016-7093 / XSA-186
version 4
x86: Mishandling of instruction pointer truncation during emulation
UPDATES IN VERSION 4
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2016-7154 / XSA-188
version 3
use after free in FIFO event channel code
UPDATES IN VERSION 3
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2016- / XSA-190
version 5
CR0.TS and CR0.EM not always honored for x86 HVM guests
UPDATES IN VERSION 5
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2016-9379,CVE-2016-9380 / XSA-198
version 3
delimiter injection vulnerabilities in pygrub
UPDATES IN VERSION 3
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2016-9381 / XSA-197
version 3
qemu incautious about shared ring processing
UPDATES IN VERSION 3
Added email header syntax to patches, for e.g.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2016-9385 / XSA-193
version 3
x86 segment base write emulation lacking canonical address checks
UPDATES IN VERSION 3
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2016-9382 / XSA-192
version 3
x86 task switch to VM86 mode mis-handled
UPDATES IN VERSION 3
Public release.
ISSUE DESCRIPTION
=
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2016-9384 / XSA-194
version 3
guest 32-bit ELF symbol table load leaking host data
UPDATES IN VERSION 3
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2016-9386 / XSA-191
version 3
x86 null segments not always treated as unusable
UPDATES IN VERSION 3
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2016-9377,CVE-2016-9378 / XSA-196
version 3
x86 software interrupt injection mis-handled
UPDATES IN VERSION 3
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2016-9383 / XSA-195
version 3
x86 64-bit bit test instruction emulation broken
UPDATES IN VERSION 3
Public release.
ISSUE DESCRIPTION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2016-9932 / XSA-200
version 3
x86 CMPXCHG8B emulation fails to ignore operand size override
UPDATES IN VERSION 3
CVE assigned.
Public release.
ISSUE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2016-9815,CVE-2016-9816,CVE-2016-9817,CVE-2016-9818
/ XSA-201
version 2
ARM guests may induce host asynchronous abort
UPDATES IN VERSION 2
CVEs assigned.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory XSA-201
ARM guests may induce host asynchronous abort
ISSUE DESCRIPTION
=
Depending on how the hardware and firmware have been integrated,
guest-triggered asynchronous aborts
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Xen Security Advisory CVE-2016-9637 / XSA-199
version 3
qemu ioport array overflow
UPDATES IN VERSION 3
Clarify the IMPACT description, by escalating privilege to
1 - 100 of 161 matches
Mail list logo