DSA-4369-1 xen -- xenID: oval:org.secpod.oval:def:603608 | Date: (C)2019-01-16 (M)2023-11-13 |
Class: PATCH | Family: unix |
Multiple vulnerabilities have been discovered in the Xen hypervisor: CVE-2018-19961 / CVE-2018-19962 Paul Durrant discovered that incorrect TLB handling could result in denial of service, privilege escalation or information leaks. CVE-2018-19965 Matthew Daley discovered that incorrect handling of the INVPCID instruction could result in denial of service by PV guests. CVE-2018-19966 It was discovered that a regression in the fix to address CVE-2017-15595 could result in denial of service, privilege escalation or information leaks by a PV guest. CVE-2018-19967 It was discovered that an error in some Intel CPUs could result in denial of service by a guest instance.
Product: |
xen-hypervisor-4.8-amd64 |
libxen-dev |
xen-hypervisor-4.8-arm64 |
xen-hypervisor-4.8-armhf |
xen-system-armhf |
xen-utils-4.8 |
xen-system-arm64 |
libxen-4.8 |
libxenstore3.0 |
xen-utils-common |
xen-system-amd64 |
xenstore-utils |