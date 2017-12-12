-------------------------------------------------------------------------------

Fedora Update Notification

FEDORA-2017-f2577f2108

2017-12-12 13:48:05.815461

Name : xen

Product : Fedora 25

Version : 4.7.4

Release : 1.fc25

URL : http://xen.org/

Summary : Xen is a virtual machine monitor

Description :

This package contains the XenD daemon and xm command line

tools, needed to manage virtual machines running under the

Xen hypervisor



update to xen-4.7.4 update Source0 location ---- fix an issue in patch for

[XSA-240, CVE-2017-15595] that might be a security issue fix for [XSA-243,

CVE-2017-15592] could cause hypervisor crash (DOS)

References:



[ 1 ] Bug #1499823 - CVE-2017-15592 xsa243 xen: x86: Incorrect handling of

self-linear shadow mappings with translated guests (XSA-243)

https://bugzilla.redhat.com/show_bug.cgi?id=1499823

[ 2 ] Bug #1499820 - CVE-2017-15595 xsa240 xen: Unlimited recursion in linear

pagetable de-typing (XSA-240)

https://bugzilla.redhat.com/show_bug.cgi?id=1499820

