[3.2] xen: Multiple issues (CVE-2014-3672, CVE-2016-3710 CVE-2016-3712, CVE-2016-4963, CVE-2016-4480, CVE-2016-4962)
CVE-2016-4962, XSA-175: Unsanitised guest input in libxl device handling code
http://xenbits.xen.org/xsa/advisory-175.html
CVE-2016-4480, XSA-176: x86 software guest page walk PS bit handling flaw
http://xenbits.xen.org/xsa/advisory-176.html
CVE-2016-4963, XSA-178: Unsanitised driver domain input in libxl device handling
http://xenbits.xen.org/xsa/advisory-178.html
CVE-2016-3710 CVE-2016-3712, XSA-179: QEMU: Banked access to VGA memory (VBE) uses inconsistent bounds checks
http://xenbits.xen.org/xsa/advisory-179.html
CVE-2014-3672, XSA-180: Unrestricted qemu logging
http://xenbits.xen.org/xsa/advisory-180.html
(from redmine: issue id 5777, created on 2016-06-23, closed on 2016-06-24)
- Relations:
- parent #5774 (closed)
- Changesets:
- Revision 8a5bc358 on 2016-06-24T08:29:06Z:
main/xen: security fixes. Fixes #5777
CVE-2016-4962, XSA-175: Unsanitised guest input in libxl device handling code
http://xenbits.xen.org/xsa/advisory-175.html
CVE-2016-4480, XSA-176: x86 software guest page walk PS bit handling flaw
http://xenbits.xen.org/xsa/advisory-176.html
CVE-2016-4963, XSA-178: Unsanitised driver domain input in libxl device handling
http://xenbits.xen.org/xsa/advisory-178.html