[3.2] xen: Multiple issues (CVE-2016-9386, CVE-2016-9382, CVE-2016-9385, CVE-2016-9384, CVE-2016-9383, CVE-2016-9377, CVE-2016-9378, CVE-2016-9381, CVE-2016-9379, CVE-2016-9380)
CVE-2016-9386, XSA-191: x86 null segments not always treated as unusable
Reference:
http://xenbits.xen.org/xsa/advisory-191.html
CVE-2016-9382, XSA-192: x86 task switch to VM86 mode mis-handled
Reference:
http://xenbits.xen.org/xsa/advisory-192.html
CVE-2016-9385, XSA-193: x86 segment base write emulation lacking canonical address checks
Reference:
http://xenbits.xen.org/xsa/advisory-193.html
CVE-2016-9383, XSA-195: x86 64-bit bit test instruction emulation broken
Reference:
http://xenbits.xen.org/xsa/advisory-195.html
CVE-2016-9377, CVE-2016-9378, XSA-196: x86 software interrupt injection mis-handled
Reference:
http://xenbits.xen.org/xsa/advisory-196.html
CVE-2016-9381, XSA-197: qemu incautious about shared ring processing
Reference:
http://xenbits.xen.org/xsa/advisory-197.html
CVE-2016-9379, CVE-2016-9380, XSA-198: delimiter injection vulnerabilities in pygrub
Reference:
http://xenbits.xen.org/xsa/advisory-198.html
(from redmine: issue id 6498, created on 2016-11-25, closed on 2017-09-05)
- Relations:
- parent #6494 (closed)
- Changesets:
- Revision 473c36a9 by Sergei Lukin on 2016-12-13T10:04:58Z:
main/xen: security upgrade - fixes #6351, #6498
CVE-2016-7777
CVE-2016-9377
CVE-2016-9378
CVE-2016-9379
CVE-2016-9380
CVE-2016-9381
CVE-2016-9382
CVE-2016-9383
CVE-2016-9384
CVE-2016-9385
CVE-2016-9386