drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in Xen
Name: |
Mehrere Probleme in Xen |
|
ID: |
202409-10 |
|
Distribution: |
Gentoo |
|
Plattformen: |
Keine Angabe |
|
Datum: |
Mo, 23. September 2024, 07:46 |
|
Referenzen: |
https://xenbits.xen.org/xsa/advisory-455.html
https://xenbits.xen.org/xsa/advisory-437.html
https://xenbits.xen.org/xsa/advisory-441.html
https://xenbits.xen.org/xsa/advisory-451.html
https://nvd.nist.gov/vuln/detail/CVE-2023-34328
https://xenbits.xen.org/xsa/advisory-442.html
https://xenbits.xen.org/xsa/advisory-431.html
https://nvd.nist.gov/vuln/detail/CVE-2023-46837
https://nvd.nist.gov/vuln/detail/CVE-2024-31142
https://xenbits.xen.org/xsa/advisory-454.html
https://nvd.nist.gov/vuln/detail/CVE-2023-28746
https://nvd.nist.gov/vuln/detail/CVE-2023-46840
https://nvd.nist.gov/vuln/detail/CVE-2023-34324
https://nvd.nist.gov/vuln/detail/CVE-2024-2193
https://xenbits.xen.org/xsa/advisory-453.html
https://xenbits.xen.org/xsa/advisory-449.html
https://xenbits.xen.org/xsa/advisory-447.html
https://xenbits.xen.org/xsa/advisory-452.html
https://xenbits.xen.org/xsa/advisory-439.html
https://nvd.nist.gov/vuln/detail/CVE-2022-42336
https://nvd.nist.gov/vuln/detail/CVE-2023-46841
https://nvd.nist.gov/vuln/detail/CVE-2023-46839
https://nvd.nist.gov/vuln/detail/CVE-2023-46836
https://xenbits.xen.org/xsa/advisory-438.html
https://xenbits.xen.org/xsa/advisory-450.html
https://nvd.nist.gov/vuln/detail/CVE-2023-46835
https://nvd.nist.gov/vuln/detail/CVE-2022-4949
https://nvd.nist.gov/vuln/detail/CVE-2023-34323
https://xenbits.xen.org/xsa/advisory-436.html
https://nvd.nist.gov/vuln/detail/CVE-2023-34321
https://nvd.nist.gov/vuln/detail/CVE-2023-34319
https://xenbits.xen.org/xsa/advisory-432.html
https://xenbits.xen.org/xsa/advisory-440.html
https://nvd.nist.gov/vuln/detail/CVE-2023-34320
https://nvd.nist.gov/vuln/detail/CVE-2023-34327
https://nvd.nist.gov/vuln/detail/CVE-2023-34322
https://nvd.nist.gov/vuln/detail/CVE-2023-46842
https://nvd.nist.gov/vuln/detail/CVE-2023-34325 |
|
Applikationen: |
Xen |
|
Originalnachricht |
--===============1750512205519675791== Content-Type: text/plain; charset="utf-8"
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202409-10 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal Title: Xen: Multiple Vulnerabilities Date: September 22, 2024 Bugs: #918669, #921355, #923741, #928620, #929038 ID: 202409-10
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis ========
Multiple vulnerabilities have been discovered in Xen, the worst of which could lead to privilege escalation.
Background ==========
Xen is a bare-metal hypervisor.
Affected packages =================
Package Vulnerable Unaffected ----------------- ------------ ------------ app-emulation/xen < 4.17.4 >= 4.17.4
Description ===========
Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details.
Impact ======
Please review the referenced CVE identifiers for details.
Workaround ==========
There is no known workaround at this time.
Resolution ==========
All Xen users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-emulation/xen-4.17.4"
References ==========
[ 1 ] CVE-2022-4949 https://nvd.nist.gov/vuln/detail/CVE-2022-4949 [ 2 ] CVE-2022-42336 https://nvd.nist.gov/vuln/detail/CVE-2022-42336 [ 3 ] CVE-2023-28746 https://nvd.nist.gov/vuln/detail/CVE-2023-28746 [ 4 ] CVE-2023-34319 https://nvd.nist.gov/vuln/detail/CVE-2023-34319 [ 5 ] CVE-2023-34320 https://nvd.nist.gov/vuln/detail/CVE-2023-34320 [ 6 ] CVE-2023-34321 https://nvd.nist.gov/vuln/detail/CVE-2023-34321 [ 7 ] CVE-2023-34322 https://nvd.nist.gov/vuln/detail/CVE-2023-34322 [ 8 ] CVE-2023-34323 https://nvd.nist.gov/vuln/detail/CVE-2023-34323 [ 9 ] CVE-2023-34324 https://nvd.nist.gov/vuln/detail/CVE-2023-34324 [ 10 ] CVE-2023-34325 https://nvd.nist.gov/vuln/detail/CVE-2023-34325 [ 11 ] CVE-2023-34327 https://nvd.nist.gov/vuln/detail/CVE-2023-34327 [ 12 ] CVE-2023-34328 https://nvd.nist.gov/vuln/detail/CVE-2023-34328 [ 13 ] CVE-2023-46835 https://nvd.nist.gov/vuln/detail/CVE-2023-46835 [ 14 ] CVE-2023-46836 https://nvd.nist.gov/vuln/detail/CVE-2023-46836 [ 15 ] CVE-2023-46837 https://nvd.nist.gov/vuln/detail/CVE-2023-46837 [ 16 ] CVE-2023-46839 https://nvd.nist.gov/vuln/detail/CVE-2023-46839 [ 17 ] CVE-2023-46840 https://nvd.nist.gov/vuln/detail/CVE-2023-46840 [ 18 ] CVE-2023-46841 https://nvd.nist.gov/vuln/detail/CVE-2023-46841 [ 19 ] CVE-2023-46842 https://nvd.nist.gov/vuln/detail/CVE-2023-46842 [ 20 ] CVE-2024-2193 https://nvd.nist.gov/vuln/detail/CVE-2024-2193 [ 21 ] CVE-2024-31142 https://nvd.nist.gov/vuln/detail/CVE-2024-31142 [ 22 ] XSA-431 https://xenbits.xen.org/xsa/advisory-431.html [ 23 ] XSA-432 https://xenbits.xen.org/xsa/advisory-432.html [ 24 ] XSA-436 https://xenbits.xen.org/xsa/advisory-436.html [ 25 ] XSA-437 https://xenbits.xen.org/xsa/advisory-437.html [ 26 ] XSA-438 https://xenbits.xen.org/xsa/advisory-438.html [ 27 ] XSA-439 https://xenbits.xen.org/xsa/advisory-439.html [ 28 ] XSA-440 https://xenbits.xen.org/xsa/advisory-440.html [ 29 ] XSA-441 https://xenbits.xen.org/xsa/advisory-441.html [ 30 ] XSA-442 https://xenbits.xen.org/xsa/advisory-442.html [ 31 ] XSA-447 https://xenbits.xen.org/xsa/advisory-447.html [ 32 ] XSA-449 https://xenbits.xen.org/xsa/advisory-449.html [ 33 ] XSA-450 https://xenbits.xen.org/xsa/advisory-450.html [ 34 ] XSA-451 https://xenbits.xen.org/xsa/advisory-451.html [ 35 ] XSA-452 https://xenbits.xen.org/xsa/advisory-452.html [ 36 ] XSA-453 https://xenbits.xen.org/xsa/advisory-453.html [ 37 ] XSA-454 https://xenbits.xen.org/xsa/advisory-454.html [ 38 ] XSA-455 https://xenbits.xen.org/xsa/advisory-455.html
Availability ============
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202409-10
Concerns? =========
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License =======
Copyright 2024 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5 --===============1750512205519675791== Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEpqTA6ABLMxh/aChGFMQkOaVy+9kFAmbvvDsACgkQFMQkOaVy +9lbAg/+OsGZGESikBEfaekGO7l7bn+nmbUzua4RiPBPdeUavGKMkIlkpzuRqHlK 88kJ7zAznbwvD+GJ29acAEjFLPDv0bWiO0TsohI0291UwcHOLBfBm1F9Yb4+TCXs twaFrXQFIyVUFXtg/WtmYjghoiMteJmpzf/uLMCOu3aMdLsPeNwlg2dCULQOXbcA 3zuytU/9+n0zF8mLJb1PHLR18v5Nnu1UzwuTKQhtF1KhN7zoxXchDr6BhHylLnVk thsSgaXIsEWSTM5OtAOeQ6tnB9YbPAoPQQWIwe29UPhyVIi2qj1wnzdsAKdEsnwU M7zOzXIk7R/hXSynJTcyl5pF/bLfbBS/zcLmcPqSnf/Y9NSA3Ive6E7eS5uK+1AY k9UEi6llABsEPtqyx8YfNbD10rYzoel3kUQfZtU2AAUFBTtQ1gyfBTnoGFcuz4WM bHE32NMGAgMIKU7Yr7/9XmixdWCJdCtfzDdMXCGYxXWT/0qrIt27p7Ic43r9WiNn nBIkIiSfEHDRK0dtZBppomEknYuo2snAVqBgk7b/l+rgl8TWuLiF6D22JH5DmvEF ByEzxW35/CFrEyB9xcVs0n3ufECc69V7Joi7vCHAFw/IXXUbrH4tHDyMpJZUE9rQ G2M0pMiLv+xGj/NM7IPnVTaIjGuRVTzJHwOnvN2VUT2EQATOfI8= =0yuN -----END PGP SIGNATURE-----
--===============1750512205519675791==--
|
|
|
|