CVE-2016-10013

Published: 26/01/2017 Updated: 04/11/2017
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 409
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Xen up to and including 4.8.x allows local 64-bit x86 HVM guest OS users to gain privileges by leveraging mishandling of SYSCALL singlestep during emulation.

Vulnerable Product

xen xen

Vendor Advisories

Jan Beulich and Jann Horn discovered multiple vulnerabilities in the Xen hypervisor, which may lead to privilege escalation, guest-to-host breakout, denial of service or information leaks. In addition to the CVE identifiers listed above, this update also addresses the vulnerabilities announced as XSA-213, XSA-214 and XSA-215. For the stable distr ...
Debian Bug report logs - #845667 xen: CVE-2016-9384: guest 32-bit ELF symbol table load leaking host data Package: src:xen; Maintainer for src:xen is Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Fri, 25 Nov 2016 18:45:07 UTC Severity: important T ...
Debian Bug report logs - #848081 xen: CVE-2016-9932: x86 CMPXCHG8B emulation fails to ignore operand size override Package: src:xen; Maintainer for src:xen is Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Tue, 13 Dec 2016 21:03:02 UTC Severity: im ...
Debian Bug report logs - #848713 xen: CVE-2016-10013: x86: Mishandling of SYSCALL singlestep during emulation Package: src:xen; Maintainer for src:xen is Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Mon, 19 Dec 2016 19:06:01 UTC Severity: importa ...
Debian Bug report logs - #861662 possible memory corruption via failsafe callback [XSA-215] Package: src:xen; Maintainer for src:xen is Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org>; Reported by: Ian Jackson <ian.jackson@eu.citrix.com> Date: Tue, 2 May 2017 12:12:01 UTC Severity: important Tags: fixed-upst ...
Debian Bug report logs - #859560 xen: CVE-2017-7228: x86: broken check in memory_exchange() permits PV guest breakout (XSA-212) Package: src:xen; Maintainer for src:xen is Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Tue, 4 Apr 2017 19:51:02 UTC ...
Debian Bug report logs - #861659 64bit PV guest breakout [XSA-213] Package: src:xen; Maintainer for src:xen is Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org>; Reported by: Ian Jackson <ian.jackson@eu.citrix.com> Date: Tue, 2 May 2017 12:03:05 UTC Severity: important Tags: fixed-upstream, security, upstream ...
Debian Bug report logs - #861660 grant transfer allows PV guest to elevate privileges [XSA-214] Package: src:xen; Maintainer for src:xen is Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org>; Reported by: Ian Jackson <ian.jackson@eu.citrix.com> Date: Tue, 2 May 2017 12:03:08 UTC Severity: important Tags: fixed- ...
Debian Bug report logs - #845669 xen: CVE-2016-9377 CVE-2016-9378: x86 software interrupt injection mis-handled Package: src:xen; Maintainer for src:xen is Debian Xen Team <pkg-xen-devel@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Fri, 25 Nov 2016 18:54:01 UTC Severity: impor ...
Description of Problem: A number of security issues have been identified within Citrix XenServer. The most significant of these issues could, if exploited, allow a malicious administrator of a 64-bit PV guest VM to compromise the host. This issue has the identifier: CVE-2017-7228 (High): x86: broken check in memory_exchange() permits PV guest ...