DSA-4369-1 xen -- xenID: oval:org.secpod.oval:def:53493 | Date: (C)2019-06-04 (M)2024-01-29 |
Class: PATCH | Family: unix |
Multiple vulnerabilities have been discovered in the Xen hypervisor: CVE-2018-19961 / CVE-2018-19962 Paul Durrant discovered that incorrect TLB handling could result in denial of service, privilege escalation or information leaks. CVE-2018-19965 Matthew Daley discovered that incorrect handling of the INVPCID instruction could result in denial of service by PV guests. CVE-2018-19966 It was discovered that a regression in the fix to address CVE-2017-15595 could result in denial of service, privilege escalation or information leaks by a PV guest. CVE-2018-19967 It was discovered that an error in some Intel CPUs could result in denial of service by a guest instance.