[3.6] xen: Multiple vulnerabilities (CVE-2017-17563, CVE-2017-17564, CVE-2017-17565, CVE-2017-17566, CVE-2017-5753, CVE-2017-5715, CVE-2017-5754)
CVE-2017-17566, XSA-248: x86 PV guests may gain access to internally used pages
Reference:
http://xenbits.xen.org/xsa/advisory-248.html
CVE-2017-17563, XSA-249: broken x86 shadow mode refcount overflow check
Reference:
http://xenbits.xen.org/xsa/advisory-249.html
CVE-2017-17564, XSA-250: improper x86 shadow mode refcount error handling
Reference:
http://xenbits.xen.org/xsa/advisory-250.html
CVE-2017-17565, XSA-251: improper bug check in x86 log-dirty handling
Reference:
http://xenbits.xen.org/xsa/advisory-251.html
CVE-2017-5753, CVE-2017-5715, CVE-2017-5754, XSA-254: Information leak via side effects of speculative execution
Reference:
http://xenbits.xen.org/xsa/advisory-254.html
(from redmine: issue id 8521, created on 2018-02-20, closed on 2018-03-05)
- Relations:
- parent #8519 (closed)
- Changesets:
- Revision 2e278889 on 2018-02-27T15:07:37Z:
main/xen: security fixes
CVE-2017-17566, XSA-248
CVE-2017-17563, XSA-249
CVE-2017-17564, XSA-250
CVE-2017-17565, XSA-251
Fixes #8521