DSA-2337-1 xen -- several vulnerabilities
ID: oval:org.secpod.oval:def:600645 | Date: (C)2012-01-30 (M)2022-10-10 |
Class: PATCH | Family: unix |
Several vulnerabilities were discovered in the Xen virtual machine hypervisor.

CVE-2011-1166: A 64-bit guest can get one of its vCPUs into non-kernel mode without first providing a valid non-kernel pagetable, thereby locking up the host system.

CVE-2011-1583, CVE-2011-3262: Local users can cause a denial of service and possibly execute arbitrary code via a crafted paravirtualised guest kernel image.

CVE-2011-1898: When using PCI passthrough on Intel VT-d chipsets that do not have interrupt remapping, guest OS users can gain host OS privileges by writing to the interrupt injection registers.

The oldstable distribution contains a different version of Xen not affected by these problems.