[3.7] xen: Multiple vulnerabilitie (CVE-2018-7540, CVE-2018-7541, CVE-2018-7542)
CVE-2018-7540, XSA-252: DoS via non-preemptable L3/L4 pagetable freeing
All Xen versions are vulnerable.
Reference:
http://xenbits.xen.org/xsa/advisory-252.html
CVE-2018-7541, XSA-255: grant table v2 ->v1 transition may crash Xen
Xen versions 4.0 and newer are vulnerable.
Reference:
http://xenbits.xen.org/xsa/advisory-255.html
CVE-2018-7542, XSA-256: x86 PVH guest without LAPIC may DoS the host
Xen version 4.8 and onwards are vulnerable.
Reference:
http://xenbits.xen.org/xsa/advisory-256.html
(from redmine: issue id 8614, created on 2018-03-06, closed on 2018-03-19)
- Relations:
- copied_to #8612 (closed)
- parent #8612 (closed)
- Changesets:
- Revision 1fb3325a on 2018-03-06T12:31:18Z:
main/xen: security fixes
CVE-2018-7540, XSA-252
CVE-2018-7541, XSA-255
CVE-2018-7542, XSA-256
Fixes #8614
To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information