FEDORA-2016-0049aa6e5d

security update in Fedora 23 for xen

Status: stable 3 years ago

x86: Privilege escalation in PV guests [XSA-182, CVE-2016-6258] x86: Missing SMAP whitelisting in 32-bit exception / event delivery [XSA-183, CVE-2016-6259] virtio: unbounded memory allocation issue [XSA-184, CVE-2016-5403] Qemu: scsi: esp: OOB write access in esp_do_dma [CVE-2016-6351]

How to install

sudo dnf upgrade --advisory=FEDORA-2016-0049aa6e5d

Comments 7

This update has been submitted for testing by myoung.

This update has been pushed to testing.

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

This update has been submitted for stable by myoung.

This update has been pushed to stable.

After this patch update, how to validate the patch is effective?

Problem: if I create a HVM Windows VM and then issue an "xl shutdown VM" the machine remains in ---s-- state, even if I leave the default behavior or configure it as on_poweroff = 'destroy'.

Even the last XEN package has this behaviour. I tried "old" signed windows xen PV driver, and also the latest git. It's only my problem?

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
unspecified
Karma
0
stable threshold: 3
unstable threshold: -3
Autopush (karma)
Enabled
Autopush (time)
Disabled
Dates
submitted 3 years ago
in testing 3 years ago
in stable 3 years ago

Related Bugs 7

00 #1355983 CVE-2016-6259 xsa183 xen: x86: Missing SMAP whitelisting in 32-bit exception / event delivery (XSA-183)
00 #1355987 CVE-2016-6258 xsa182 xen: x86: Privilege escalation in PV guests (XSA-182)
00 #1358359 CVE-2016-5403 Qemu: virtio: unbounded memory allocation on host via guest leading to DoS
00 #1360358 CVE-2016-6258 xsa182 xen: x86: Privilege escalation in PV guests (XSA-182) [fedora-all]
00 #1360359 CVE-2016-6259 xsa183 xen: x86: Missing SMAP whitelisting in 32-bit exception / event delivery (XSA-183) [fedora-all]
00 #1360599 CVE-2016-6351 Qemu: scsi: esp: OOB write access in esp_do_dma
00 #1360831 CVE-2016-5403 xen: Qemu: virtio: unbounded memory allocation on host via guest leading to DoS [fedora-all]

Automated Test Results