-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3663-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
September 09, 2016                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : xen
CVE ID         : CVE-2016-7092 CVE-2016-7094 CVE-2016-7154

Multiple vulnerabilities have been discovered in the Xen hypervisor. The
Common Vulnerabilities and Exposures project identifies the following
problems:

CVE-2016-7092 (XSA-185)

    Jeremie Boutoille of Quarkslab and Shangcong Luan of Alibaba
    discovered a flaw in the handling of L3 pagetable entries, allowing
    a malicious 32-bit PV guest administrator can escalate their
    privilege to that of the host.

CVE-2016-7094 (XSA-187)

    x86 HVM guests running with shadow paging use a subset of the x86
    emulator to handle the guest writing to its own pagetables. Andrew
    Cooper of Citrix discovered that there are situations a guest can
    provoke which result in exceeding the space allocated for internal
    state. A malicious HVM guest administrator can cause Xen to fail a
    bug check, causing a denial of service to the host.

CVE-2016-7154 (XSA-188)

    Mikhail Gorobets of Advanced Threat Research, Intel Security
    discovered a use after free flaw in the FIFO event channel code. A
    malicious guest administrator can crash the host, leading to a
    denial of service. Arbitrary code execution (and therefore privilege
    escalation), and information leaks, cannot be excluded.

For the stable distribution (jessie), these problems have been fixed in
version 4.4.1-9+deb8u7.

We recommend that you upgrade your xen packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJX0kg2AAoJEAVMuPMTQ89EAG0P/0fZID2dOBod15r0GoN28Y7L
qFx1Yx3+ZJi/SEq1IVZQQczXCSz19EVe0s+nzcFzsaS5RStoHtUy2DZygjSV+lHU
asmfwZgrWeaQejDfo6F8rihXbLCU+cD+R5YUWUODiA6z0NClYHxWu6IgZPPVPRJm
vgoPUlSgZRBn/4P5WaLk3rjflMynxbmuLpPOiBxue1ZNzRy4N5rr2w8mGI5Wf0vq
MdLkIROy5F3GJvZ30uO4ca4U6fUN49pJ3CE+YefQDsav7MyD9o3wA+94bQ7oFXgj
+65QZLtKPhPYX0m3pFwmfuiQCupzog1B9o33eYyBAUV6i2JRS4FQ4ciKujBj+tNC
KD1agKNRgXFKgr2itDKlmMgajrACKS1vVnVJrRwlWyX0kegeH61UQFKu7oiWtzl+
WO853HRFaIQFOwrFEPv0KWKzA4zrmz7FXjqSG/yvJAeDenLbODclJlgn4Sei68oI
G4nZNPc9Lkfq2xK2UY0FsNKmf1cg92423raKzDhXZbSXl4BVa83d3ZaFCehKrQVO
MCDytLw0OudR0aa1kT4O11mwPVLtz2GzxtNv+GVzcsBDoyBvZSyWt8RO6bBDSfiA
FYvRvd19L7GQmRoQGdwS2v+2AdU+P4LvZe7NXBXXaW6KWkXccWlk4zd60a2b+FyO
GqVKO5POhzy86ToQ5Nho
=rOCc
-----END PGP SIGNATURE-----