[3.2] xen: Multiple issues (CVE-2016-7092, CVE-2016-7093, CVE-2016-7094)
CVE-2016-7092, XSA-185: x86: Disallow L3 recursive pagetable for 32-bit PV guests
Reference:
http://xenbits.xen.org/xsa/advisory-185.html
CVE-2016-7093, XSA-186: x86: Mishandling of instruction pointer truncation during emulation
Reference:
http://xenbits.xen.org/xsa/advisory-186.html
CVE-2016-7094, XSA-187: x86 HVM: Overflow of sh_ctxt->seg_reg[]
Reference:
http://xenbits.xen.org/xsa/advisory-187.html
(from redmine: issue id 6154, created on 2016-09-14, closed on 2016-10-14)
- Relations:
- parent #6150 (closed)
- Changesets:
- Revision 5c041535 on 2016-10-14T13:16:14Z:
main/xen: security fixes. Fixes #6154
CVE-2016-7092, XSA-185: x86: Disallow L3 recursive pagetable for 32-bit PV guests¶
CVE-2016-7093, XSA-186: x86: Mishandling of instruction pointer truncation during emulation¶
CVE-2016-7094, XSA-187: x86 HVM: Overflow of sh_ctxt->seg_reg[]¶
CVE-2016-7154, XSA-188: use after free in FIFO event channel code
(cherry picked from commit 4e7e31ba548ffec94da90438b7f64a61026becd8)