exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Debian Security Advisory 3140-1

Debian Security Advisory 3140-1
Posted Jan 27, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3140-1 - Multiple security issues have been discovered in the Xen virtualization solution which may result in denial of service, information disclosure or privilege escalation.

tags | advisory, denial of service, info disclosure
systems | linux, debian
advisories | CVE-2014-8594, CVE-2014-8595, CVE-2014-8866, CVE-2014-8867, CVE-2014-9030
SHA-256 | a2106c197e2e01397c5028ddbf50e4b1ec243676cc7ab6262b916a12ae043f69

Debian Security Advisory 3140-1

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3140-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
January 27, 2015 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : xen
CVE ID : CVE-2014-8594 CVE-2014-8595 CVE-2014-8866 CVE-2014-8867
CVE-2014-9030

Multiple security issues have been discovered in the Xen virtualisation
solution which may result in denial of service, information disclosure
or privilege escalation.

CVE-2014-8594

Roger Pau Monne and Jan Beulich discovered that incomplete
restrictions on MMU update hypercalls may result in privilege
escalation.

CVE-2014-8595

Jan Beulich discovered that missing privilege level checks in the
x86 emulation of far branches may result in privilege escalation.

CVE-2014-8866

Jan Beulich discovered that an error in compatibility mode hypercall
argument translation may result in denial of service.

CVE-2014-8867

Jan Beulich discovered that an insufficient restriction in
acceleration support for the "REP MOVS" instruction may result in
denial of service.

CVE-2014-9030

Andrew Cooper discovered a page reference leak in MMU_MACHPHYS_UPDATE
handling, resulting in denial of service.

For the stable distribution (wheezy), these problems have been fixed in
version 4.1.4-3+deb7u4.

For the upcoming stable distribution (jessie), these problems have been
fixed in version 4.4.1-4.

For the unstable distribution (sid), these problems have been fixed in
version 4.4.1-4.

We recommend that you upgrade your xen packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJUx233AAoJEBDCk7bDfE427SwP/0vk4BEClNotQKKEEJduVMP2
zb8b++/f4ZocQgezJ9/oew8UGgd9Klq6XcIh5BVaQi6PD70sw4uWX03820PCs88X
ywRCrTHSXPfPlwOG6dY8nZ1oOUItP64N03j+nugI27GNPgmJpu7xgewmY+c8vZpF
r5sEjhINwgDmHMCgb8bCFKQ/7UDUcE2MZJVF++oWuKusvCFo57cG/pakRwF9XFsw
Aw24obp7vySzOs5mThid3asOHcNqUYZml1YTI6E3nxL+bL9K11KFZzl98a75Q4YI
HJJuqJk3H5CO+GCSq2Dl6NzHBWA7hCFepaKilhj/Ao6vnAoqbkFjklwczofXM6fq
wQ1586wFp6ZTFtawn66DKoeT3CQp+OhOce5N4X3num6Ev32yaK8Rox7CF9xena6Q
ubEEW2pKKblwFJRVm9wyBo1RQvPUyMUsvbq+DNX2GBJ1+wOzIMqm0K9G7+nFlGI8
Z7u3RIgLTolzgFN0NR6B4A03/0kOYKNlrFuJB8wXerkwFsK/X4wX/f2dRJRleiNX
JzDvWYCfcjWTrRjcvGdotNELdDoz+eePFuRzp7Os4SdJE2dxdWBsmvqU/NXc8pBL
d1FtjPArM8IndL0Mf6+oPz3uAAFPjbaeTRQk/uhX7HPVN9gLDqyLWGuCsaf+seMu
9IwVAOzHz+HymOHT02af
=5heI
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    69 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close