[3.8] xen: Multiple vulnerabilitie (CVE-2018-7540, CVE-2018-7541, CVE-2018-7542)
CVE-2018-7540, XSA-252: DoS via non-preemptable L3/L4 pagetable freeing
All Xen versions are vulnerable.
Reference:
http://xenbits.xen.org/xsa/advisory-252.html
CVE-2018-7541, XSA-255: grant table v2 ->v1 transition may crash Xen
Xen versions 4.0 and newer are vulnerable.
Reference:
http://xenbits.xen.org/xsa/advisory-255.html
CVE-2018-7542, XSA-256: x86 PVH guest without LAPIC may DoS the host
Xen version 4.8 and onwards are vulnerable.
Reference:
http://xenbits.xen.org/xsa/advisory-256.html
(from redmine: issue id 8613, created on 2018-03-06, closed on 2018-03-19)
- Relations:
- copied_to #8612 (closed)
- parent #8612 (closed)
- Changesets:
- Revision 6f854a08 by Daniel Sabogal on 2018-03-19T08:17:54Z:
main/xen: security fixes for XSA-252, XSA-255, and XSA-256
CVE-2018-7540 XSA-252
CVE-2018-7541 XSA-255
CVE-2018-7542 XSA-256
fixes #8613