xen: Multiple vulnerabilities (CVE-2017-10911, CVE-2017-10912, CVE-2017-10913, CVE-2017-10914, CVE-2017-10915, CVE-2017-10916, CVE-2017-10917, CVE-2017-10918, CVE-2017-10919, CVE-2017-10920, CVE-2017-10921, CVE-2017-10922, CVE-2017-10923)
CVE-2017-10911, XSA-216: blkif responses leak backend stack data
Reference:
http://xenbits.xen.org/xsa/advisory-216.html
CVE-2017-10912, XSA-217: page transfer may allow PV guest to elevate privilege
Reference:
http://xenbits.xen.org/xsa/advisory-217.html
CVE-2017-10913, CVE-2017-10914, XSA-218: Races in the grant table unmap code
Reference:
http://xenbits.xen.org/xsa/advisory-218.html
CVE-2017-10915, XSA-219: x86: insufficient reference counts during shadow emulation
Reference:
http://xenbits.xen.org/xsa/advisory-219.html
CVE-2017-10916, XSA-220: x86: PKRU and BND* leakage between vCPU-s
Reference:
http://xenbits.xen.org/xsa/advisory-220.html
CVE-2017-10917, XSA-221: NULL pointer deref in event channel poll
Reference:
http://xenbits.xen.org/xsa/advisory-221.html
CVE-2017-10918, XSA-222: stale P2M mappings due to insufficient error checking
Reference:
http://xenbits.xen.org/xsa/advisory-222.html
CVE-2017-10919, XSA-223: ARM guest disabling interrupt may crash Xen
Reference:
http://xenbits.xen.org/xsa/advisory-223.html
CVE-2017-10920, CVE-2017-10921, CVE-2017-10922, XSA-224: grant table operations mishandle reference counts
Reference:
http://xenbits.xen.org/xsa/advisory-224.html
CVE-2017-10923, XSA-225: arm: vgic: Out-of-bound access when sending SGIs
Reference:
http://xenbits.xen.org/xsa/advisory-225.html
(from redmine: issue id 7501, created on 2017-07-11, closed on 2017-10-26)
- Relations:
- child #7502 (closed)
- child #7503 (closed)
- child #7504 (closed)
- child #7505 (closed)
- child #7506 (closed)