Project

General

Profile

Bug #7732

Bug #7731: xen: Multiple vulnerabilities (CVE-2017-12135, CVE-2017-12137, CVE-2017-12136, CVE-2017-12134, CVE-2017-12855)

[3.7] xen: Multiple vulnerabilities (CVE-2017-12135, CVE-2017-12137, CVE-2017-12136, CVE-2017-12134, CVE-2017-12855)

Added by Alicha CH over 1 year ago. Updated about 1 year ago.

Status:
Closed
Priority:
Normal
Category:
Security
Target version:
Start date:
08/21/2017
Due date:
% Done:

100%

Estimated time:
Affected versions:
Security IDs:

Description

CVE-2017-12135, XSA-226: multiple problems with transitive grants

All versions of Xen are vulnerable.

References:

http://xenbits.xen.org/xsa/advisory-226.html

CVE-2017-12137, XSA-227: x86: PV privilege escalation via map_grant_ref

All versions of Xen are vulnerable.

References:

http://xenbits.xen.org/xsa/advisory-227.html

CVE-2017-12136, XSA-228: grant_table: Race conditions with maptrack free list handling

Xen 4.6 and later are vulnerable.

References:

http://xenbits.xen.org/xsa/advisory-228.html

CVE-2017-12134, XSA-229: linux: Fix Xen block IO merge-ability calculation

References:

http://xenbits.xen.org/xsa/advisory-229.html

CVE-2017-12855, XSA-230: grant_table: possibly premature clearing of GTF_writing / GTF_reading

All systems are vulnerable.

References:

http://xenbits.xen.org/xsa/advisory-230.html

Associated revisions

Revision a9878fc5 (diff)
Added by Daniel Sabogal over 1 year ago

main/xen: security fixes

fixes #7732

CVE-2017-12135 XSA-226
CVE-2017-12137 XSA-227
CVE-2017-12136 XSA-228
CVE-2017-12855 XSA-230

History

#1 Updated by Daniel Sabogal over 1 year ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

#2 Updated by Alicha CH about 1 year ago

  • Category set to Security
  • Status changed from Resolved to Closed

Also available in: Atom PDF