[3.4] xen: Multiple vulnerabilities (CVE-2017-17044, CVE-2017-17045)
CVE-2017-17044, XSA-246: x86: infinite loop due to missing PoD error checking
Xen versions from 3.4.x onwards are affected.
References:
http://xenbits.xen.org/xsa/advisory-246.html
http://openwall.com/lists/oss-security/2017/11/30/6
CVE-2017-17045, XSA-247: Missing p2m error checking in PoD code
All systems from Xen 3.4 are vulnerable.
References:
http://xenbits.xen.org/xsa/advisory-247.html
http://openwall.com/lists/oss-security/2017/11/30/7
(from redmine: issue id 8222, created on 2017-12-01, closed on 2018-01-02)
- Relations:
- parent #8219 (closed)
- Changesets:
- Revision 281e53a3 on 2018-01-01T08:51:41Z:
main/xen: security fixes
CVE-2017-17044, CVE-2017-17045
Fixes #8222