Fedora 21 Security Update: xen-4.4.1-8.fc21

Resolved Bugs
1166913 – CVE-2014-9030 kernel: xen: Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling
1166914 – CVE-2014-9030 kernel: xen: Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling [fedora-all]
1165205 – CVE-2014-8594 kernel: xen: Insufficient restrictions on certain MMU update hypercalls (xsa109) [fedora-all]
1165204 – CVE-2014-8595 kernel: xen: Missing privilege level checks in x86 emulation of far branches (xsa110) [fedora-all]
1086776 – CVE-2014-0150 xen: qemu: virtio-net: buffer overflow in virtio_net_handle_mac() function [fedora-all]
1160664 – CVE-2014-8594 kernel: xen: Insufficient restrictions on certain MMU update hypercalls (xsa109)
1160643 – CVE-2014-8595 kernel: xen: Missing privilege level checks in x86 emulation of far branches (xsa110)
1078846 – CVE-2014-0150 qemu: virtio-net: buffer overflow in virtio_net_handle_mac() function<br
Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling
Insufficient restrictions on certain MMU update hypercalls,
Missing privilege level checks in x86 emulation of far branches,
Add fix for CVE-2014-0150 to qemu-dm, though it probably isn’t
exploitable from xen

Leave a Reply