Download
| Alert*
|
oval:org.secpod.oval:def:1800888
CVE-2016-7092, XSA-185: x86: Disallow L3 recursive pagetable for 32-bit PV guests. Reference: CVE-2016-7093, XSA-186: x86: Mishandling of instruction pointer truncation during emulation. Reference: CVE-2016-7094, XSA-187: x86 HVM: Overflow of sh_ctxt- oval:org.secpod.oval:def:1800519 CVE-2016-7092, XSA-185: x86: Disallow L3 recursive pagetable for 32-bit PV guests Reference CVE-2016-7093, XSA-186: x86: Mishandling of instruction pointer truncation during emulation Reference CVE-2016-7094, XSA-187: x86 HVM: Overflow of sh_ctxt- oval:org.secpod.oval:def:89045354 This update for xen fixes several issues. These security issues were fixed: - CVE-2016-7092: The get_page_from_l3e function in arch/x86/mm.c in Xen allowed local 32-bit PV guest OS administrators to gain host OS privileges via vectors related to L3 recursive pagetables - CVE-2016-7093: Xen allowed ... oval:org.secpod.oval:def:602608 Multiple vulnerabilities have been discovered in the Xen hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2016-7092 Jeremie Boutoille of Quarkslab and Shangcong Luan of Alibaba discovered a flaw in the handling of L3 pagetable entries, allowing a m ... |
