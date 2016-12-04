Name : xen

Product : Fedora 25

Version : 4.7.1

Release : 3.fc25

URL : http://xen.org/

Summary : Xen is a virtual machine monitor

Description :

This package contains the XenD daemon and xm command line

tools, needed to manage virtual machines running under the

Xen hypervisor



xen : various security flaws (#1397383) x86 null segments not always treated as

unusable [XSA-191, CVE-2016-9386] x86 task switch to VM86 mode mis-handled

[XSA-192, CVE-2016-9382] x86 segment base write emulation lacking canonical

address checks [XSA-193, CVE-2016-9385] guest 32-bit ELF symbol table load

leaking host data [XSA-194, CVE-2016-9384] x86 64-bit bit test instruction

emulation broken [XSA-195, CVE-2016-9383] x86 software interrupt injection mis-

handled [XSA-196, CVE-2016-9377, CVE-2016-9378] qemu incautious about shared

ring processing [XSA-197, CVE-2016-9381] delimiter injection vulnerabilities in

pygrub [XSA-198, CVE-2016-9379, CVE-2016-9380]

[ 1 ] Bug #1392933 - CVE-2016-9382 xsa192 xen: x86 task switch to VM86 mode

mis-handled (XSA-192)

https://bugzilla.redhat.com/show_bug.cgi?id=1392933

[ 2 ] Bug #1392939 - CVE-2016-9379 CVE-2016-9380 xsa198 xen: delimiter

injection vulnerabilities in pygrub (XSA-198)

https://bugzilla.redhat.com/show_bug.cgi?id=1392939

[ 3 ] Bug #1392929 - CVE-2016-9385 xsa193 xen: x86 segment base write

emulation lacking canonical address checks (XSA-193)

https://bugzilla.redhat.com/show_bug.cgi?id=1392929

[ 4 ] Bug #1392934 - CVE-2016-9384 xsa194 xen: guest 32-bit ELF symbol table

load leaking host data (XSA-194)

https://bugzilla.redhat.com/show_bug.cgi?id=1392934

[ 5 ] Bug #1392938 - CVE-2016-9381 xsa197 xen: qemu incautious about shared

ring processing (XSA-197)

https://bugzilla.redhat.com/show_bug.cgi?id=1392938

[ 6 ] Bug #1392937 - CVE-2016-9377 CVE-2016-9378 xsa196 xen: x86 software

interrupt injection mis-handled (XSA-196)

https://bugzilla.redhat.com/show_bug.cgi?id=1392937

[ 7 ] Bug #1392935 - CVE-2016-9383 xsa195 xen: x86 64-bit bit test

instruction emulation broken (XSA-195)

https://bugzilla.redhat.com/show_bug.cgi?id=1392935

[ 8 ] Bug #1392932 - CVE-2016-9386 xsa191 xen: x86 null segments not always

treated as unusable (XSA-191)

https://bugzilla.redhat.com/show_bug.cgi?id=1392932

