CVE-2016-9385

Multiple vulnerabilities have been discovered in the Xen hypervisor The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2016-7777 (XSA-190) Jan Beulich from SUSE discovered that Xen does not properly honor CR0TS and CR0EM for x86 HVM guests, potentially allowing guest users to read or modify F ...

Debian Bug report logs - #845667 xen: CVE-2016-9384: guest 32-bit ELF symbol table load leaking host data Package: src:xen; Maintainer for src:xen is Debian Xen Team <pkg-xen-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 25 Nov 2016 18:45:07 UTC Severity: important T ...

Debian Bug report logs - #845670 xen: CVE-2016-9379 CVE-2016-9380: delimiter injection vulnerabilities in pygrub Package: src:xen; Maintainer for src:xen is Debian Xen Team <pkg-xen-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 25 Nov 2016 18:57:01 UTC Severity: impo ...

Debian Bug report logs - #845665 xen: CVE-2016-9385: x86 segment base write emulation lacking canonical address checks Package: src:xen; Maintainer for src:xen is Debian Xen Team <pkg-xen-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 25 Nov 2016 18:45:01 UTC Severity ...

Debian Bug report logs - #848713 xen: CVE-2016-10013: x86: Mishandling of SYSCALL singlestep during emulation Package: src:xen; Maintainer for src:xen is Debian Xen Team <pkg-xen-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 19 Dec 2016 19:06:01 UTC Severity: importa ...

Debian Bug report logs - #845668 xen: CVE-2016-9383: x86 64-bit bit test instruction emulation broken Package: src:xen; Maintainer for src:xen is Debian Xen Team <pkg-xen-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 25 Nov 2016 18:51:02 UTC Severity: important Tags: ...

Debian Bug report logs - #845664 xen: CVE-2016-9382: x86 task switch to VM86 mode mis-handled Package: src:xen; Maintainer for src:xen is Debian Xen Team <pkg-xen-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 25 Nov 2016 18:39:04 UTC Severity: important Tags: patch, ...

Debian Bug report logs - #845663 xen: CVE-2016-9386: x86 null segments not always treated as unusable Package: src:xen; Maintainer for src:xen is Debian Xen Team <pkg-xen-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 25 Nov 2016 18:39:01 UTC Severity: important Tags: ...

Debian Bug report logs - #845669 xen: CVE-2016-9377 CVE-2016-9378: x86 software interrupt injection mis-handled Package: src:xen; Maintainer for src:xen is Debian Xen Team <pkg-xen-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 25 Nov 2016 18:54:01 UTC Severity: impor ...

The x86 segment base write emulation functionality in Xen 44x through 47x allows local x86 PV guest OS administrators to cause a denial of service (host crash) by leveraging lack of canonical address checks ...

Description of Problem A number of security vulnerabilities have been identified in Citrix XenServer that may allow malicious code running within a guest VM to compromise the host These vulnerabilities affect all currently supported versions of Citrix XenServer up to and including Citrix XenServer 70 For releases before Citrix XenServer 70, the ...