[3.4] xen: Multiple vulnerabilities (CVE-2018-10471, CVE-2018-10472, CVE-2018-8897, CVE-2018-10981, CVE-2018-10982)
CVE-2018-10472,XSA-258: Information leak via crafted user-supplied CDROM
Reference:
http://xenbits.xen.org/xsa/advisory-258.html
CVE-2018-10471, XSA-259: x86: PV guest may crash Xen with XPTI
Reference:
http://xenbits.xen.org/xsa/advisory-259.html
CVE-2018-8897, XSA-260: x86: mishandling of debug exceptions
Reference:
http://xenbits.xen.org/xsa/advisory-260.html
CVE-2018-10982, XSA-261: x86 vHPET interrupt injection errors
Reference:
http://xenbits.xen.org/xsa/advisory-261.html
CVE-2018-10981, XSA-262: qemu may drive Xen into unbounded loop
Reference:
http://xenbits.xen.org/xsa/advisory-262.html
(from redmine: issue id 8889, created on 2018-05-16, closed on 2018-06-12)
- Relations:
- copied_to #8884 (closed)
- parent #8884 (closed)
- Changesets:
- Revision 96018bf2 on 2018-06-11T12:02:44Z:
main/xen: security fixes
CVE-2018-10471, CVE-2018-10472, CVE-2018-8897,
CVE-2018-10981, CVE-2018-10982
Fixes #8889